It uses a spreadsheet launch a macro register a scheduled task run #PowerShell copy a file run VBA in Outlook
..................for C2
(╯°□°)╯︵ ✉️🔥
I talked about how incidents can teach powerful lessons and contain important truths for defenders.
I talked about while it is often romanced that offense has a richer toolset compared to the singular metaphor for defense ("the shield"). Defense has many creative ideas within it as well.
I've had a lot of neat employee moments at Microsoft. here's one of them.
It was Feb 4, 2014. The board had just named @satyanadella as CEO.
An email said he was going to make some remarks in a building across campus in like 30 minutes. I jumped in my car.
The crowd filled all available space. Ballmer was high energy as usual. It was 2014 so, you know, I had my Windows Phone with me.
Found one of my Microsoft notebooks 📔 from 2005. Here are a few pages on what was on my mind then.
The Longhorn (aka Windows Vista) security plan.
Parsers were having many issues. I put this slide together to create awareness about the pattern we were seeing in MSRC at the time.
Occasionally I printed small versions of my slides and inserted them into my notebooks so I could easily socialize to people in 1-1 conversations.