Living Off The Land: Suspicious System32

The services below are some of the most commonly abused services for malicious parties to "live of the land". Each are built into Windows and inherit trust by default. Because of this, security controls won't ever be able to fully isolate them without affecting the operating system. For example, your endpoint protection can't block command prompt and Powershell because engineers use them for automation tasks, nor can it block task scheduler or certuitl.......

Stealing Passwords From Clipboard

Password Managers are brilliant! They allow users to create and use complex passwords because they give us a nice secure place to store them. Using Password managers also can also prevent users from writing them down or reusing passwords, which is a huge deterrent against hackers looking to compromise your accounts. It's a win, win....or … Continue reading Stealing Passwords From Clipboard