Pulse of Truth

1246 readers

63 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

Admin Rights Are the Problem, Not Which Antivirus You Choose (heimdalsecurity.com)

submitted 3 weeks ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

4 comments fedilink hide all child comments

There’s been a lot of noise lately on Reddit and other platforms about how “easy” it is to disable Windows Defender ATP. MSPs are getting questions from clients about this concern. But these discussions are focusing on the wrong issue entirely. Yes, You Can Disable Defender ATP (But That’s Not the Real Problem) If you […] The post Admin Rights Are the Problem, Not Which Antivirus You Choose appeared first on Heimdal Security Blog.

top 4 comments

sorted by: hot top controversial new old

[–] Blue_Morpho@lemmy.world 3 points 3 weeks ago (1 children)

"I’m a high-value target as a founder, and if I don’t have elevated privileges, I can’t accidentally (or through social engineering) compromise the entire system."

That's just security through obscurity. Someone has admin rights.

[–] jet@hackertalks.com 2 points 3 weeks ago (1 children)

The admin account should not be the daily driver account

Admin actions should be deliberate and exceptional, not one misclick away

[–] Blue_Morpho@lemmy.world 3 points 3 weeks ago (1 children)

That's not allowed by default on any mainstream Linux distro or Windows. You have to sudo or click that privilege escalation dialog box in Windows.

[–] jet@hackertalks.com 1 points 3 weeks ago

Yes, on windows you have to click ok to a popup. Which I can tell you from experience users do automatically