17 Mistakes Microsoft made in the Xbox Security System Microsoft
TOP mistakes in Microsoft infrastructure
-
Upload
glib-pakharenko -
Category
Technology
-
view
19 -
download
1
Transcript of TOP mistakes in Microsoft infrastructure
TOP mistakes in Microsoft infrastructure
Glib Pakharenko2016-09-14
gpaharenko at gmail.com
TOP 10 sysadmin mistakes
# Sysadmin mistake Microsoft good practice1 Weak passwords https://technet.microsoft.com/en-us/itpro/windows/keep-se
cure/password-policy2 Mimikatz (password theft) https://technet.microsoft.com/en-us/security/dn920237.aspx 3 Kerberos Golden Ticket https://cert.europa.eu/static/WhitePapers/CERT-EU-SWP_14_07_PassTheGolden_Ticket_v1_1.pdf 4 WMI hidden process
executionhttps://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html
5 Powershell attacks https://www.blackhat.com/docs/us-14/materials/us-14-Kazanciyan-Investigating-Powershell-Attacks.pdf 6 Malicious Office Documents https://blogs.technet.microsoft.com/mmpc/2014/12/30/before-you-enable-those-macros/ 7 Group policy preferences
saved passwordhttps://support.microsoft.com/en-us/kb/2962486
8 Too many domain admins https://msdn.microsoft.com/en-us/library/cc875827.aspx 9 The lack of updates https://technet.microsoft.com/en-us/security/bulletins.aspx 10 The lack of proper time https://support.microsoft.com/uk-ua/kb/262680