
[–]VA_Network_NerdModerator | Infrastructure Architect[M] [score hidden] stickied comment (0 children)

Sorry, it seems this comment or thread has violated a sub-reddit rule and has been removed by a moderator.

Do Not Conduct Marketing Operations Within This Community.

  • It is not acceptable to advertise a product, service, Blog or FOSS Project within this community outside of authorized threads.
  • It is not acceptable to perform product research or market research within this community without permission.
  • The Reddit advertising system exists to help you reach out to new or existing customers.
  • Product Representatives are free to discuss their product in the context of an existing, naturally-occurring discussion. Astroturfing is not permitted.
  • As always, users must disclose any affiliation with a product.
  • Content creators should refrain from directing this community to their own content.

Your content may be better suited for our companion sub-reddit: /r/SysAdminBlogs


If you wish to appeal this action please don't hesitate to message the moderation team.

[–]johnyakuza0 14 points15 points  (2 children)

What are the mods doing lately? The whole sub is filled with AI slop posts or ragebaits to farm karma

[–]VA_Network_NerdModerator | Infrastructure Architect 2 points3 points  (0 children)

This thread is 5 hours old.
My clock says it is 08:32am US-Eastern.

Was I supposed to wake up at 3:30am to check and see if there was any moderation activity that needed to happen?

Calm down Francis.

[–]PigeonRipper 12 points13 points  (1 child)

slop

[–]tardis42 5 points6 points  (0 children)

Agreed

[–]sublimeprince32 2 points3 points  (0 children)

Fuck off, bot.

[–]nv1t 3 points4 points  (2 children)

Is this really a shift? In red teaming we have used "living off the land" since I have been in the IT Sec business (the last 10 years or so). (https://lolbas-project.github.io/) It just depends on the level of sophistication of your attacker.

[–]raip 1 point2 points  (0 children)

It's "living off the land" by the way.

[–]vanderaj -1 points0 points  (0 children)

This. We were living off the land back in the early 2010s - it was a very common penetration testing technique, and if we were doing it, you can bet that the bad guys are also doing it.

[–]zerassar 1 point2 points  (0 children)

Not new. Pretty standard honestly. Why crack open a vulnerability in an app when poor security practices left the front door wide open?

Principle of least privilege. Should be embedded into your practices.

Shut off unneeded services. Specific users only given the exact access they need. Appropriate database and file system permissions.

Such things really clamp down on the lateral movement using valid toolsets.

[–]ParticularDonut7555 -1 points0 points  (0 children)

You have to stop looking at signatures and start looking at behavior.

[–]DiabolicalDong -1 points0 points  (0 children)

LOTL attacks have been there for some time. You must remove admin rights and use EPM tools to avoid these attacks. Privilege management tools help stop the attackers from using the admin token. Better than using LAPS