Nasreddine Bencherchali (@nasbench)

🔐 Windows Security and SDDL: What You Need to Know 🔐

Windows permissions misconfigurations are a goldmine for attackers. SDDL (Security Descriptor Definition Language) remains overlooked yet highly exploitable. 🚨

@nasbench.bsky.social and I break it down -->

🧵 (1/)

21.02.2025 15:55 👍 2 🔁 1 💬 1 📌 0

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time | Splunk Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time www.splunk.com/en_us/blog/s....

Thrilled to share my first blog at @splunk! @mhaggis.bsky.social and I take a deep dive into the weird & exciting world of SDDL and ACEs - what they are, how they work, and how attackers can abuse them.

15.02.2025 22:36 👍 12 🔁 5 💬 0 📌 0

Incident Response: Behind the Scenes by InfoSec Deep Dive Explore the field of incident response with our hosts as they discuss what it means to be an incident responder. From preparation to recovery, they cover the phases of handling security incidents and the approach needed to remain effective under pressure. Using real-world examples like ransomware attacks, they talk about the challenges, tools, and teamwork involved in reducing impact and learning from each event. This episode provides insight into the essential role of incident responders. Whether you want to know about the tools they use, the choices they make, or their daily tasks, this episode has you covered. Join us to understand why cybersecurity matters for everyone.

🎙️ New podcast episode is live! I used my experience as an Incident Responder and provided it to NotebookLM to turn into a podcast. Wondering what it feels like to be in IR? This episode shares most responsibilities, true to life for 99% of IR folks.

Hope you enjoy: creators.spotify.com...

27.01.2025 00:10 👍 11 🔁 3 💬 0 📌 0

This is just sad to think about 😔

24.01.2025 22:24 👍 1 🔁 0 💬 0 📌 0

AI allows you to do more work with the same salary. Allowing companies to make more money, and, it uses your data to train so that it'll replace you later.

When is the utopia we read about in sci-fi books. Looks like we skipped to the doom and gloom and AI overlords chapter too quickly 😭

24.01.2025 22:01 👍 7 🔁 0 💬 2 📌 0

I guess we're still here @kostas-sec.bsky.social 😂
Bsky is chill

23.01.2025 00:30 👍 11 🔁 1 💬 3 📌 0

Compared to release v2023-08-24, in v2024-11-10 there are 469 more public #detectionrules in the #SigmaRules repository.

www.dogesec.com/blog/analysi...

#threatintelligence #threatintel

09.12.2024 10:41 👍 3 🔁 1 💬 1 📌 0

💡Interested in #memoryforensics ? Follow

✅ @volexity.com
✅ @volatilityfoundation.org
✅ @attrc.bsky.social
✅ @rmettig.bsky.social
✅ @nolaforensix.bsky.social

➡️ more to come!

20.11.2024 18:49 👍 53 🔁 23 💬 1 📌 0

I’m looking for a new remote work opportunity starting in April. If you think I’d be a good fit for your team, let me know!

20.11.2024 22:07 👍 1 🔁 3 💬 1 📌 0

Blue Sky Jimmy Cliff GIF ALT: Blue Sky Jimmy Cliff GIF

Everybody joining and preaching BS aka Blue sky 😆
Enjoy your weekend everyone.

16.11.2024 00:24 👍 4 🔁 1 💬 0 📌 0

Unwrapping the emerging Interlock ransomware attack Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware.

Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. Read the blog here: cs.co/6019SsMIh
#dfir #threatintel #cybersecurity

13.11.2024 14:06 👍 16 🔁 4 💬 0 📌 0

Windows.edb and WER dumps, just to name a few

10.11.2024 11:43 👍 2 🔁 0 💬 1 📌 0

Appreciate you brother 🙏

02.11.2024 13:02 👍 2 🔁 0 💬 0 📌 0

LOLDrivers are cool 😎

18.11.2023 15:23 👍 5 🔁 1 💬 0 📌 0

Nasreddine Bencherchali

Latest posts by Nasreddine Bencherchali @nasbench