CDCiaran Doherty, AfCIIS, MBCSinblog.cdoherty.co.uk·Feb 22 · 15 min readImmich Deployment on Windows Server Using Docker, WSL, and SMB-Based Persistent StorageIntroduction. Self-hosting applications on Windows servers can be deceptively complex when persistence, security, and reliability are required. This becomes especially true when deploying Linux-first 00
CDCiaran Doherty, AfCIIS, MBCSinblog.cdoherty.co.uk·Dec 21, 2025 · 7 min readClickFix Forensics: Proving Execution Beyond the BrowserThe Attack Explained. ClickFix, sometimes described as “fake CAPTCHA” execution, is a social engineering technique where the attacker deliberately moves the critical step of the intrusion onto the user. Instead of exploiting a vulnerability automatic...00
CDCiaran Doherty, AfCIIS, MBCSinblog.cdoherty.co.uk·Nov 30, 2025 · 2 min readLAPS: The Local Administrator Password Solution For Windows Devices In Entra ID.Overview. Prerequisites. Join types. LAPS is only supported on: Microsoft Entra joined devices. Microsoft Entra hybrid joined devices. Microsoft Entra registered devices are not supported. License requirements. LAPS is available to all customers ...00
CDCiaran Doherty, AfCIIS, MBCSinblog.cdoherty.co.uk·Nov 30, 2025 · 1 min readSOC Casefile: Microsoft 365 Account Compromise Investigation.Introduction. A SOC investigation following a compromised user typically takes between 45 minutes and 3 hours, depending on the volume of user activity, the quality of available audit data, the complexity of the attacker’s behaviour and whether any s...00
CDCiaran Doherty, AfCIIS, MBCSinblog.cdoherty.co.uk·Nov 30, 2025 · 3 min readDeploying Level RMM Using A Microsoft Intune Platform Script.Overview. Level is a lightweight remote monitoring and management platform for Windows devices. It can be deployed manually, although most organisations prefer to automate installation through device management tooling. This article explains how to d...00
