A post about identifying key areas of Configuration Manager (SCCM) infrastructure that defenders can implement for deception solutions https://specterops.io/blog/2026/02/19/mapping-deception-solutions-with-bloodhound-opengraph-configuration-manager #infosec #cybersecurity #redteam #blueteam #windows #dfir
It is possible as a low-privileged user to parse the Windows event logs for any ASR exclusion https://primusinterp.com/posts/WindowsASR/ #infosec #cybersecurity #redteam #pentest
The Live Terminal feature of Cortex XDR can be abused by attackers as a pre-installed, EDR-trusted C2 channel https://labs.infoguard.ch/posts/abusing_cortex_xdr_live_response_as_c2 #infosec #cybersecurity #redteam #pentest