The Latest in IT Security

How to outwit attackers using two Windows registry settings

08
May
2019

Attackers often use tasks as a means to hide their tracks. They might also use the ability to run tasks with different user rights to gain more access. Earlier, I recommended that you set up auditing to track tasks being set. Now I recommend you harden a setting on your workstations to prevent task scheduling in the first place.

Below are the Microsoft Defender Advanced Threat Protection (ATP) recommended actions:

The “Domain controller: Allow server operators to schedule tasks” setting determines whether scheduled tasks are forced to run under the context of the authenticated account instead of allowing them to run as SYSTEM.

Read More

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments