This page is about cybersecurity
See more:
https://portswigger.net/web-security
https://www.youtube.com/watch?v=FSjOrIHun-A
"An advanced persistent threat (APT) is a sophisticated, sustained cyberattack in which an intruder establishes an undetected presence in a network in order to steal sensitive data over a prolonged period of time".
https://attack.mitre.org/mitigations/M1042/
-
If you want to stop and disable the WinRM for security reasons, you can do so in the Services snap-in (type "services" in the start menu), or you can use PowerShell:
Stop-Service WinRM -PassThruSet-Service WinRM -StartupType Disabled -PassThru
- For test:
Test-WSMan localhost
Behavior Prevention on Endpoint - M1040
- Enable Attack Surface Reduction (ASR)
- Open Control Panel.
- Click on System and Security.
- Under the "System" section, click the "Allow remote access" option.
- Click the "Remote" tab.
- Under the "Remote Assistance" section, clear the "Allow Remote Assistance connection to this computer" option.
- Click the "Apply" button.
- Type "UAC" on search bar;
- Use the highest enforcement level for UAC