Microsoft has published a guide to enable and disable the server message block (SMB). The vulnerability in SMB was exploited by viruses of extortionists (ransomare) for attacks on many computers in different parts of the world. An example of such a virus is Petya.
Dimitrios Margaritis is an IT security officer in the European Economic and Social Committee. He holds a degree in Computer Science from the University of Piraeus and a Diploma in Management from Henley Management College.
Government organizations are usually a complex object of opponents, and traditional methods of detection are not very effective. In this presentation, the authors tried to provide an overview of free tools and methods that were implemented in high-risk environments that are constantly being attacked. It will give detailed information about the use of Microsoft Sysmon and Powershell log data for detection – the ability to search from host-based [...]
Attackers are increasingly adapting to security features. Now they rely less on malicious programs and administrative tools built into operating systems, but use tools such as PowerShell to bypass security systems. Cyber advocates need to know that attackers are increasingly breaking the brink of branch offices or overseas office networks, they can use various methods to jump into the main network and use undisclosed vulnerabilities in public portals, such as resetting the password for portals. Ilyas described how cyber-defenders can prevent an invasion and minimize the impact: