Submitted via IRC for TheMightyBuzzard
Microsoft researchers Itay Grady and Tal Be'ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from getting information about other targets within the same corporate network.
The idea behind the script is to make attackers' lateral movement on the network more difficult.
[...] Net Cease works by changing the default permissions for the NetSessionEnum method to limit the number of domain users who are able to execute the method remotely.
"The NetCease script hardens the access to the NetSessionEnum method by removing the execute permission for Authenticated Users group and adding permissions for interactive, service and batch logon sessions," the creators explained.
This one's for all you admin types out there who have no choice but to have large numbers of Windows devices on your network.
Source: https://www.helpnetsecurity.com/2016/10/18/net-cease-network-anti-reconnaissance-tool/
(Score: 2) by canopic jug on Thursday October 20 2016, @12:19PM
Look it up in the SEC filing rather. It's there in black and white in the Form 10-Q for the Quarter Ended March 31, 2002 [sec.gov] and earlier. Before M$ became a lobbying engine, it was first and foremost a marketing company. Eons before that, it did an abortive attempt at operating systems, but survived having inherited IBM's monopoly. Before that it did software, but that was eons ago and all that is long ago in the past now. What it is today is unclear, it has gone beyond marketing and lobbying and has several cult-like characteristics.
This "Research" is just marketing money thrown at selected, bumbling grad students or desperate post-docs, in exchange for M$ using their efforts as PR.
Money is not free speech. Elections should not be auctions.