4 Free Easy Tips to Slow Hackers in Windows Environments

#1 – Disable Macros

One of the most-used initial access attacks is macros. The question an organization needs to ask themselves is: do we really need macros at all?

#2 – Disable Extensions

Another useful thing you can do that is really easy to implement is to disable the execution of typical phishing extensions. A common extension I use on Red Teams, for instance, is .HTA. These extensions are very useful for attackers, since they can be used to execute code on the target.

#3 – Prevent Local Administrators From Accessing Computer From Network

If you can implement LAPS so that every local administrator has a unique password, then you should definitely do it.

#4 – Protect LSASS

Try setting RunAsPPL, this can be set by using Group Policy Preferences.

Read more here.