Education
If we look at the reality of cyber security on a personal level, it’s insanely complex. There are hundreds if not thousands of details that matter, under the microscope security is incredibly complex and contextual. Which makes it a nightmare outside of simple abstractions, because things get complex fast.
Read more “Making cyber security relatable to people”
Defence
Ok this morning I woke up really really early! I then went on a bit of a KQL thread on twitter, and then IRL work destroyed my plans to play in the lab. However I’m publishing this in its current state [use at own risk etc.] because I think it might help people! So let’s get to it:
These queries can help you identify 3 common active directory attack techniques from logs on a domain controller (this does not rely on ADCS logs etc.)
Read more “Hunting for common Active Directory Domain Services Exploitations”
Defence
Ok that subject is massive…so this is a bit more of a targeted thought process to consider.
Each network is unique and technology deployments vary. One time I was in a network that was almost entirely Apple MacBooks and a door control panel…. which was ‘fun’.
So this is a general list of some things to consider if you have tech deployed such as:
Defence
Ok so here’s the thing, I do NOT like getting pwn3d! I think you probably would rather your organisation does not too!
What I really don’t want to occur is a ransomware event! They suck, they are like a digital bomb going off.
So I’ve knocked up a quick list to get people thinking (these are NOT all the vulnerabilities I networks you should care about.. but they are some that could lead to a ransomware event!)
Read more “What are the top Active Directory Security vulnerabilities I care about?”
Education
The digital world is complex and cyber threats appear to be around every corner. What we need to do however is look at how we can enable people and keep them safe from common (realistic) threats that they will almost certainly face (rather than saying everything is a risk!), The intent of this post is to tackle key common threats, risks and vulnerabilities (and countermeasures). It is high level, it is a generic and general, it is not a bespoke tailored guide for each person. It does not cover every single risk scenario someone may face, it simply looks at what I think people may want to focus on (given what I see). (I’m having to caveat this loads to try and stop the tin foil hat loonies making a scene about edge cases I haven’t covered)
Read more “Cyber Tips for Normies (without the FUD)”
Threat Intel
This is a fast publish. Based on honeypot data from @SI_FalconTeam we can make some analysis:
In the lab we have attacked HTTP and HTTPS and have been able to get AUTH bypass. (thanks @leak_ix)
Read more “Cisco IOS XE Incident Update”
Defence
I talk to hundreds or maybe even thousands of people online. I work in the Cyber security industry, I worked previously with central government, local authorities, finance, third sector, healthcare, defence and well most verticals of business. I often see people comment online about how “GCHQ has failed” or some other silly nonsense when it comes to an organisation (not GCHQ) being victim to a cyber incident.
I fear the world has watched a few too many Bond and Bourne films and let’s their imaginations run wild! The true reality of defending cyberspace is frankly vastly different to what I think people believe it is.
Read more “No one is responsible for your OWN Cyber Defences other than you! “
Hacking
Working in Cyber security can expose you to all kinds of information. I’m an offensive and defensive security architect and occasional (haha that’s daily right!) pew pew slinger (pentester) and I am also a threat intelligence practioner (CTI) (we need The Many Hats Club back!). Which is why sometimes when things appear on the internet I think I decide to take a look.
Read more “The Manual Version 2.0”
Education
The other day there was a lot of focus on “ATLASOS” a rather oddly branded project, just to be clear:
ATLASOS is NOT AN Operating System (OS) (despite it’s name!)
ATLASOS (at the time of writing) disables basically the majority of Windows Security features including:
Basically, if you can think of “nightmare” in the cyber world, ATLASOS’s security posture is basically that (in my opinion)! That said, it’s cool from a nerd Windows customization/build pov, however based on my initial investigations I would strong recommend NOT using it on a “PRODUCTION” system (or anything that’s connected to the internet!).
Read more “Cyber Security for PC Gamers”
Hacking
My friend Lars and I were just talking about some of the research areas we are working on and randomly the conversation turned into “what shall we call it?” and then LDAPNomNom came up! So I whilst laughing (coz the name is lulz) with my buddy I downloaded and ran LDAPNomNom against a lab vm quickly! (Lars also fixed an error with readme.md that I pointed out coz my debug skillz ROCK! 😛 )
So here we have me doing username enumeration via LDAP Ping using LDAPNOMNOM!
Read more “Stealthy Active Directory Username Enumeration with LDAPNomNom”