?? November Dragon's Breath Newsletter
It's November, folks, where daylight savings throws us back in time and the digital age charges forward like a holiday-shopping horde. Fear not, for Trimarc has all the tech wisdom you need to avoid getting trampled by cyber threats (or Cyber Monday crowds).
Bring on the pumpkin spice. Basic Dragon is READY.
Cuddle up with a steaming cup of infosec insights ? thicker than aunt Clara's gravy recipe and cozier than grandma's hand-knitted scarf. Deck the firewalls and dive into a stack of cybersecurity content and random factoids curated for the cozy season. Cool breezes, warm cider, and hot takes on security.
(Visit LinkTree for all of our content & websites: https://linktr.ee/Trimarc)
?? Random factoid: Over 50% of annual turkey sales in the United States take place in the month of November. (Bonus turkey fact: Minnesota produces the highest number of domestically-grown turkeys).
Security Consultant extraordinaire Darryl Baker has been busy!
He ran the Trimarc Identity Security Village at the Hackers Teaching Hackers conference last week, and he recently launched a helpful tool AND a new OS project.
?? Trimarcisia - One Tool to Catch Them All
This wrapper/menu makes it easy to download and open several of the free Trimarc Security tools that are available to help your enterprise secure Active Directory. The wrapper includes popular tools like PowerPUG, Locksmith, BlueTuxedo, and more useful goodies.
Download the free tool at https://github.com/dfirdeferred/Trimarcisia
?? FlameScale OS Community Edition
FlameScale OS is an Ubuntu based distro aimed at Active Directory security research. The community edition is an ongoing project and the distro will continue to evolve (Darryl plans to add more functionality to the OS weekly on Sundays). He welcomes your feedback and your suggestions.
Download FlameScale at https://github.com/dfirdeferred/FlameScale-OS
?? VMware makes Workstation & Fusion free for everyone
VMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use.
https://www.bleepingcomputer.com/news/software/vmware-makes-workstation-and-fusion-free-for-everyone
??? Automated Configuration from Nathan McNulty
Nathan McNulty has mapped out a collection of commands to help automate the configuration of the Defender for Endpoint settings. Thank you for putting this together, Nathan!
"The beacons are lit, Gondor calls for aid." CTO Sean Metcalf lit the Twitter/X beacons with a question about tracking of the DNS Admins group, and some great responses came through in this thread: https://x.com/PyroTek3/status/1853848431443222721
??? Enablement of Passkeys in Authenticator
Starting mid-January 2025, organizations with enabled passkey (FIDO2) policy and no key restrictions will have passkeys in the Microsoft Authenticator app.
??? Microsoft Entra ID: Emergency Access Accounts
Brandon Colley, Service Lead for the Trimarc Microsoft Cloud Security Assessment, shared a brief video explaining the new guidelines for emergency break-glass accounts in EntraID.
?? Random factoid: November 23rd is Fibonacci Day — When written in mm/dd format (11/23), it makes a Fibonacci sequence (1,1,2,3) where each number is the sum of the two numbers before it.
Webcasts, Podcasts, Blogs, Twitch, YouTube, were suckers for a good stream or educational content piece. Strap on a feedbag and enjoy this month's cornucopia of content.
?? Happy Hour Livestream: BiaSciLab
Girls Who Hack, DC Next Gen, Election Voting Security. Not a bad resume for someone about to turn just 18 years old.
?? Happy Hour Livestream: Ray [REDACTED]
In this Happy Hour livestream, "The Hacker Formerly Known as Ray Redacted" joined us to discuss Ut Scandis, alios subleva.
?? Tons of Happy Hour episodes added to YouTube!
The remarkable, radical, rand0h (Danny Akacki) spent an evening toiling away at his workstation to add a plethora of Happy Hour livestream episodes to our YouTube and Spotify channels.
There are now over 50 HOURS of episodes ready for your listening pleasure. Check out the episodes through the links below, and let us know if you're interested in being a guest on a future stream!
We're in the process of finalizing our calendar of events for 2025, so stay tuned to https://www.trimarcsecurity.com/events to see where you'll find the Trimarc crew in the wild.
?? ShmooCon January 10-12 in Washington, DC
It's the final bow, curtain call, and last hurrah for this community-favorite conference.
You know we wouldn't miss it for the WORLD.
If you run into the Trimarc crew out in the wild, come say hi! Let us shower you with stickers and swag.
?? Random factoid: The last Supermoon of 2024 was Friday, Nov 15th. Nicknamed "the Beaver Moon," as November is when beavers begin to fortify their dams and stock food to prepare for winter.
It can't rain all the time.
Why get an MCSA?
Say you are using Privileged Identity Management (PIM) in Entra ID, fantastic! Are all your administrative accounts enrolled? Do they have active assignment or eligible? PIM is a great step towards protecting privileged accounts, but if it is not configured correctly, then those protections will not apply.
The MCSA identifies issues in your Azure AD (now Entra ID) & Microsoft Office 365 tenant that attackers could leverage to access data, escalate permissions, and persist. [Learn more]
The perfect blend of a Red & Blue team engagement.
Why get an ADSA?
Active Directory Certificate Services (AD CS) is a must for many AD environments. While the deployment may be straightforward, the default security is as good as Swiss cheese. Modern-day attackers are well aware of the vulnerabilities, and you should be too. The ADSA provides an extensive list of checks to ensure AD CS doesn't allow for a full AD compromise.
The ADSA assesses the security of AD environments, delivering prioritized, feasible, actionable recommendations to enhance enterprise security. [Learn more]
Your Warhammer in the battle for Active Directory and Identity Security.
A security posture analysis product that provides visibility into the most important security components of Active Directory, providing at-a-glance insights whether you have one or hundreds of AD forests. [Learn more]
Interested in talking to the Trimarc technical team about our security assessment services? Please reach out to us at https://www.trimarcsecurity.com/contact
?? Trimarc -- From Trimarcisia, “feat of three horsemen,” an ancient Celtic military cavalry tactic where there was always a rider ready to mount the horse of a fallen soldier.
?? Want to receive the Trimarc Dragons Breath newsletter by email? Subscribe at https://www.trimarcsecurity.com/subscribe
Creative Director | Brand Creative, Video, Photography, Social Media, Content, Community
3 个月Wonderfully done! What a fun newsletter!