Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Defence

No one is responsible for your OWN Cyber Defences…

Introduction 

I talk to hundreds or maybe even thousands of people online. I work in the Cyber security industry, I worked previously with central government, local authorities, finance, third sector, healthcare, defence and well most verticals of business. I often see people comment online about how “GCHQ has failed” or some other silly nonsense when it comes to an organisation (not GCHQ) being victim to a cyber incident. 

I fear the world has watched a few too many Bond and Bourne films and let’s their imaginations run wild! The true reality of defending cyberspace is frankly vastly different to what I think people believe it is.

Read more “No one is responsible for your OWN Cyber Defences other than you! “ →
Hacking

The Manual Version 2.0

Working in Cyber security can expose you to all kinds of information. I’m an offensive and defensive security architect and occasional (haha that’s daily right!) pew pew slinger (pentester) and I am also a threat intelligence practioner (CTI) (we need The Many Hats Club back!). Which is why sometimes when things appear on the internet I think I decide to take a look.

Read more “The Manual Version 2.0” →
Education

Cyber Security for PC Gamers

Introduction

The other day there was a lot of focus on “ATLASOS” a rather oddly branded project, just to be clear:

ATLASOS is NOT AN Operating System (OS) (despite it’s name!)

ATLASOS (at the time of writing) disables basically the majority of Windows Security features including:

  • Defender
  • Smart Screen
  • Windows Update
  • Spectre/Meltdown Mitigations

Basically, if you can think of “nightmare” in the cyber world, ATLASOS’s security posture is basically that (in my opinion)! That said, it’s cool from a nerd Windows customization/build pov, however based on my initial investigations I would strong recommend NOT using it on a “PRODUCTION” system (or anything that’s connected to the internet!).

Read more “Cyber Security for PC Gamers” →
Hacking

Stealthy Active Directory Username Enumeration with LDAPNomNom

My friend Lars and I were just talking about some of the research areas we are working on and randomly the conversation turned into “what shall we call it?” and then LDAPNomNom came up! So I whilst laughing (coz the name is lulz) with my buddy I downloaded and ran LDAPNomNom against a lab vm quickly! (Lars also fixed an error with readme.md that I pointed out coz my debug skillz ROCK! 😛 )

So here we have me doing username enumeration via LDAP Ping using LDAPNOMNOM!

Read more “Stealthy Active Directory Username Enumeration with LDAPNomNom” →
Vulnerabilities

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Regarding: CVE-2023-23397

This is a fast publish, use at own risk.

See guidance from Microsoft: CVE-2023-23397 – Security Update Guide – Microsoft – Microsoft Outlook Elevation of Privilege Vulnerability

If you need to mitigate the latest Outlook vulnerability which abuses an SMB/WebDav call using the Calendar invite feature you can consider the following:

Read more “Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)” →
Education

The Long Game: Persistent Hash Theft

CVE-2023-23397 enables a threat actor to send a calendar invite whereby the properties of the msg file can include a path for the reminder sound file. This is achieved by setting:

Read more “The Long Game: Persistent Hash Theft” →
Leadership

Adopting an Attacker Mindset to Defend Healthcare

This post started as a reply to a great topic on LinkedIn, but I hit the character limit so now it’s a blog post!

Years ago I simulated attacks (authorized obviously for the people that have wild imaginations) on a customer which included a physical attack where I walked into a healthcare organization, armed with a suit a smile (and a USB key) I needed to gain access and attempt to move laterally and escalate privileges.

Read more “Adopting an Attacker Mindset to Defend Healthcare” →
Fiction

Caught: A Hacker Adventure

It was a dark and stormy night, and a lone figure sat hunched over their computer screen, typing away at lightning speed. This was no ordinary person – this was a hacker, one of the most skilled and dangerous in the world.

Read more “Caught: A Hacker Adventure” →
Hacking

Active Directory Security Cheat Sheet

Ok you need to do some AD Security Auditing or Security Testing/Exploitation, great. Let’s look at some of the common misconfigurations and some tools to help you, a list of things will obviously not be the answer, you will need a method and process to go through from recon/enumeration through to exploitation and impact (effects), but that’s what google is for (and CTFs/Labs)! This post is just me jotting down some notes, hopefully they help defenders think about improving their posture.

Read more “Active Directory Security Cheat Sheet” →
Guides

Cyber Threat Intelligence Resources

There are so many lists of “tools” of “free resources” for “cyber” etc. Well I don’t want to make a list of stuff for social media, this isn’t the TOP x tools, this is simply some resources that I use on a regular basis that should give people a fairly good idea of where to start looking. Cyber sleuthing is a mixture of:

  • HUMINT
  • OSINT
  • CSINT
  • RUMINT
  • SIGINT
  • SOCMINT
Read more “Cyber Threat Intelligence Resources” →

Posts navigation

1 2 3 … 11

Recent Posts

  • No one is responsible for your OWN Cyber Defences other than you! 
  • The Manual Version 2.0
  • Cyber Security for PC Gamers
  • Active Directory Attacks – “It’s cold out here”
  • Mobile Device Malware Analysis

Recent Comments

  1. The Week in Ransomware – May 26th 2023 – Cities Under Attack - Shackle Media on The Manual Version 2.0
  2. The Week in Ransomware – May 26th 2023 – Cities Under Attack – Source: www.bleepingcomputer.com - CISO2CISO.COM & CYBER SECURITY GROUP on The Manual Version 2.0
  3. The Week in Ransomware - Might twenty sixth 2023 - Computer Depot | Best & Reliable Computer Repair - O'Fallon on The Manual Version 2.0
  4. The Week in Ransomware - Could twenty sixth 2023 - Anedejo on The Manual Version 2.0
  5. The Week in Ransomware - May 26th 2023 - Tech World4uu on The Manual Version 2.0

Archives

  • August 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited