![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Life at SpecterOps: The Red Team Dream
TL;DRWe are hiring consultants at various levels. The job posting can be found under the Consultant opening here: https://specterops.io/careers/#careersIntroductionHey there! I’m Duane Michael, a Managing Consultant and red teamer at SpecterOps. Over the past four years, I’ve had a front-row seat to the company’s incredible journey. In that time, we’ve ... Read More
Misconfiguration Manager: Overlooked and Overprivileged
TL;DR: Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance. We’re also presenting this material at SO-CON 2024 on March 11, 2024. We’ll update this post with a link to the recording when it becomes available.BackgroundSuppose you’ve been following ... Read More
The Phantom Credentials of SCCM: Why the NAA Won’t Die
TL;DR — Stop Using Network Access Accounts!If a Windows machine has ever been an SCCM client, there may be credential blobs for the network access account (NAA) on disk.If an Active Directory account has ever been configured as an NAA, there may be credential blobs for that account on Windows hosts in the ... Read More