Michael Young
@mbmy.bsky.social
Sorry I respectfully disagree here. There are just so many examples of secure defaults significantly raising the bar against attackers. Microsoft disabling macros by default with the mark of the web is a perfect example. Attackers shifted tactics almost immediately in response.
February 15, 2026 at 2:19 AM
Sorry I respectfully disagree here. There are just so many examples of secure defaults significantly raising the bar against attackers. Microsoft disabling macros by default with the mark of the web is a perfect example. Attackers shifted tactics almost immediately in response.
We need systems like Entra to embrace secure defaults more often. People will not use the features in like 90% of cases if they aren't pushed in that direction. Passkeys done right would prevent the current nightmare situation of AITM phishing that the wold faces.
February 14, 2026 at 1:34 PM
We need systems like Entra to embrace secure defaults more often. People will not use the features in like 90% of cases if they aren't pushed in that direction. Passkeys done right would prevent the current nightmare situation of AITM phishing that the wold faces.
Every security company imaginable is going to exaggerate any opportunity to point to AI in their marketing, but I'm not sure I'd say it's an outrageous prospect to think that attackers aren't leveraging it?
October 21, 2025 at 7:15 PM
Every security company imaginable is going to exaggerate any opportunity to point to AI in their marketing, but I'm not sure I'd say it's an outrageous prospect to think that attackers aren't leveraging it?
Yeah as I thought about it, it would depend on SMB signing and whatnot. Thanks!
December 14, 2024 at 1:16 AM
Yeah as I thought about it, it would depend on SMB signing and whatnot. Thanks!
This is awesome! I did not know of that arbitrary delete LPE until this. I wonder if you could you simply do an ntlmrelayx SOCKS proxy to gain a session instead of this? If it would work, that could be relayed back to the host to achive RCE.
December 12, 2024 at 6:35 PM
This is awesome! I did not know of that arbitrary delete LPE until this. I wonder if you could you simply do an ntlmrelayx SOCKS proxy to gain a session instead of this? If it would work, that could be relayed back to the host to achive RCE.
Not sure what this talk was from, but any chance it was recorded?
December 4, 2024 at 3:13 PM
Not sure what this talk was from, but any chance it was recorded?