Operating System Archives

[SANS ISC] Keep An Eye on LOLBins

August 25, 2020 Malware, SANS Internet Storm Center, Security One comment

I published the following diary on isc.sans.edu: “Keep An Eye on LOLBins“: Don’t misread, I won’t talk about “lolcats” today but “LOLBins” or “Living Off The Land Binaries”. All operating systems provide a rich toolbox to achieve multiple day-to-day tasks like maintenance of the certificates, installation of patches and applications,

Tracking Administrator Sessions in Windows Environments

September 24, 2015 Logs Management / SIEM, OS, PowerShell, Security 14 comments

Tracking users with privileged access is a critical taskÂ in your security policy (SANS Critical Security Control #12). If the key point is to restrict the number of “power users” to the lowest, it’s not always easy. Most of them will argue that they need administrator rights “to be able to