Diamond Ticket vs Golden Ticket: Why Your SOC is Blind

A Diamond Ticket attack is a parasitic cryptographic forgery. It hijacks a legitimate Windows authentication flow. This grants an attacker stealthy, long-term access to your network. Unlike Golden Tickets, which are built from scratch and easily flagged by missing request logs, or Silver Tickets, which are limited to specific services, a Diamond Ticket modifies a …

We Audited Legacy WMIC Commands (Our Defensive Guide)

The removal of WMIC commands changes how you manage Windows, but the underlying security risks haven't gone away. While Microsoft has retired the old wmic.exe tool, the WMI system itself remains a primary target for fileless attacks and stealthy persistence. This guide provides essential translations to migrate your legacy WMIC tasks to secure PowerShell CIM …

Stop Hackers Abusing AD Explorer in Your Corporate Network

AD Explorer is an advanced admin tool used to manage and fix Active Directory databases. Yet, its powerful snapshot feature also helps attackers download your entire directory structure to analyse offline. Once the directory is extracted, hackers feed this data into graph tools like BloodHound to map paths to Domain Admin without triggering network alarms. …

Stop Kerberoasting: Our Advanced Threat-Hunting Blueprint

Modern Kerberoasting detection has moved far beyond watching for bulk ticket requests. In 2026, sophisticated threat actors use targeted requests to blend seamlessly into normal network traffic. With Microsoft’s mandatory move to AES-256, defenders must focus on advanced KQL queries and specific bitmask signatures in Event ID 4769. Tactical Identity Defense: Mastering Kerberoasting Detection in …

Why Active Cyber Defence Strategies are Your Best Offence

Learn How Proactive Security Measures Build True Cyber Resilience. Feel like you're always one step behind cyber threats? It's a common worry lately. But what if you could shift from just reacting to actually taking control? This is what active cyber defence is all about. It's a more innovative approach where you don't just wait …