Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...

Set up a safe testing lab with Hyper‑V and Windows Sandbox

Stop risking your PC. Use Windows 11's built-in virtualization tools to test virtually anything safely in a fully isolated ...
GitHub

win-ad-sensitive attributes accessed (DCshadow).yaml

description: Detects scenarios where an attacker accessed attributes related to DCshadow attack in order to create a fake domain controller. correlation: correlate TargetLogonId from ID 4624 with ...
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting ...
GitHub

win-ad-Kerberos ticket without a trailing $ (CVE-2021-42278).yaml

description: Detects scenarios where an attacker attempts to spoof the SAM account name of a a domain controller in order to impersonate it. Vulnerability comes from that computer accounts should have ...