HackDig : Dig high-quality web security articles for hacker

The importance of logs: You won’t see what you don’t log

Presentation on logging and auditing strategies (as given at Secure South West 11). Building on my blog post on Cisco’s security blog entitled The Importance of Logs, I put together a presentation that picks apart some of the practical aspects of building a successful logging capability focusing on the need to document “good” and curate 
Publish At:2019-09-19 17:35 | Read:70 | Comments:0 | Tags:Presentations blue team hardening red team SecureSouthWest t

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heter
Publish At:2019-09-19 17:35 | Read:204 | Comments:0 | Tags:Presentations analysis auditing Black Hat Europe blue team c

An offensive introduction to Active Directory on UNIX

By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Background to Active Directory i
Publish At:2019-09-19 17:35 | Read:261 | Comments:0 | Tags:Blog analysis auditing Black Hat Europe blue team conference

Use Infrastructure as Code they said. Easier to audit they said… (part 1)

Whilst there are some great examples of how to assess infrastructure as code dynamically with things like the Center for Internet Security’s Docker benchmark and CoreOS’s Clair, these kinda run a little too late in the pipeline for my liking. If we want to treat infrastructure as code then surely we ought to be performing code reviews and if we
Publish At:2019-09-19 17:35 | Read:101 | Comments:0 | Tags:Blog auditing devops devsecops infradev orchestration seceng

Web Application Whitepaper

This document aims to analyse and explore data collected from technical assurance engagements during 2016. The original piece of data analysis was performed by two of our interns (Daniel and Chris) as part of Cisco’s intended contribution to the next Top 10 publication from OWASP; however, due to time constraints, our data points were not submitted. As a
Publish At:2017-10-27 17:20 | Read:2111 | Comments:0 | Tags:Whitepapers analysis HTML5 SDL training web

Hindering Lateral Movement

Lateral Movement is a method used by attackers (or malware) against a network Domain. After an initial device is compromised (typically, a user’s workstation), the attacker extracts passwords from memory, or obtains encrypted password hashes from the system for cracking or direct use (i.e. Pass the Hash). The attacker then attempts to login to other sy
Publish At:2017-10-27 17:20 | Read:3571 | Comments:0 | Tags:Blog auditing blueteam redteam training Windows

Level up Your Security Training Through Engagement

We all can agree that security training is critical, but have you ever wondered why your organization does not share your same level of excitement when it comes training time? The majority of organizations struggle with getting employees motivated and enthusiastic about training. Many employees look at training as a quarterly or yearly checkbox with the goal
Publish At:2017-03-13 16:15 | Read:2732 | Comments:0 | Tags:Featured Articles Off Topic Engagement security training

Spear-Phishing Attack Installs Two PowerShell Backdoors on Victims’ Machines

An ongoing spear-phishing campaign is using malicious Microsoft Word documents to install two PowerShell backdoors on victims’ machines. FireEye as a Service (FaaS) first detected the operation in February 2017. The campaign appears to be targeting individuals who’ve played a part in submitting financial statements and other documents to the U.S.
Publish At:2017-03-08 22:35 | Read:2634 | Comments:0 | Tags:Latest Security News malware Phishing training

Keep your cookies safe (part 1)

What are cookies and why are they important? A cookie is a small piece of data sent from a website and stored in a user’s web browser and is subsequently included with all authenticated requests that belong to that session. Some cookies contain the user session data in a website, which is vital. Other cookies are used for tracking long-term records of
Publish At:2016-11-20 02:20 | Read:4570 | Comments:0 | Tags:Blog phishing SDL training web

4 Lessons Learned from Offensive v Defensive Training

In June this year, Fifth Domain ran a ten-day cyberwar course for 21 participants. The course provided participants with both red-team (offensive) and blue-team (defensive) cyber operations exercises. During the first eight days, participants learned a number of principles, frameworks and technical skills that were then put into practice during the final two-
Publish At:2016-08-10 09:50 | Read:2786 | Comments:0 | Tags:Featured Articles Security Awareness Defensive Offensive sec

No Silver Bullet In Security Awareness

There is no silver bullet in security awareness. What I mean by that is there is not a right or wrong way to teach people about cyber security. Just like any other type of education, you must surround yourself with it. You cannot expect to show a once-a-year “death by PowerPoint” presentation and have your staff become cyber experts. This is somet
Publish At:2016-08-01 06:10 | Read:3100 | Comments:0 | Tags:Featured Articles Security Awareness Employee Training train

Hacker Mindset: SANS NetWars & Tools of the Trade

In my ongoing blog series “Hacker Mindset,” I’ll explore an attacker’s assumptions, methods and theory, including how information security professionals can apply this knowledge to increase cyber-vigilance on the systems and networks they steward. In this article, I share my thoughts on NetWars – a live interactive Capture the Flag training exercise at
Publish At:2016-07-27 16:35 | Read:3413 | Comments:0 | Tags:Events Featured Articles NetWars SANS security training

Windows Named Pipes: There and back again

Inter Process Communication (IPC) is a ubiquitous part of modern computing. Processes often talk to each other and many software packages contain multiple components which need to exchange data to run properly. Named pipes are one of the many forms of IPC in use today and are extensively used on the Windows platform as a means to exchange data between runni
Publish At:2015-11-20 12:45 | Read:9146 | Comments:0 | Tags:Blog SDL training Windows

NOPC version 0.4.7 released

NOPC, the Nessus-based offline patch checker for Linux distributions and UNIX-based systems has had some changes made and been made available in our tools section. This article discusses the new features in detail and provides some working examples. Updated features and bug fixes Improvements to the interactive mode (e.g. asking for what format for results
Publish At:2015-10-29 00:10 | Read:2265 | Comments:0 | Tags:Blog analysis training UNIX

Healthcare – Breaching a medical training mannequin raises new cyber security concerns

Cyber attacks against healthcare systems are likely to increase and students investigated the feasibility of breaching a medical training mannequin. Let me start with the scene from a popular TV series titled Homeland, it is a pacemaker hack. Security experts are warning the medical industry about the hacking of any medical e
Publish At:2015-09-11 01:10 | Read:1922 | Comments:0 | Tags:Breaking News Hacking Security Health Care Equipment healthc
