Microsoft Windows

Disable 'WDigest Authentication'

When the WDigest Authentication protocol is enabled, plain text passwords are stored in the Local Security Authority Subsystem Service (LSASS) exposing them to theft.Potential riskDisabling…

Read more

Turn on PUA protection

Enabling Potentially Unwanted Application (PUA) protection will block and automatically quarantine potentially unwanted applications. PUA protection blocking takes effect on endpoint clients after the next…

Read more

WannaCrypt

WannaCrypt (also known as WannaCry) began propagating May 12, 2017 07:44 UTC, installing ransomware to computers affected by CVE-2017-0145, a vulnerability present in version 1 of…

Read more

Msiexec abuse

Attackers are opportunistic in that they will operate with any available tools and resources, resulting in overlapping tactics, techniques, and procedures (TTPs). Many well-known, highly…

Read more