Using shame to enable extortion

When we look at ‘sextortion’ and ’email based extortion’ tactics used by threat actors we see a common pattern, one that leverages shame & fear. I’ve worked with some victims of this and it’s really not nice for them, the impacts are not just financial, they are emotional and sometimes more. It’s fortunately (for me) don’t however deal with this in volume, however I wanted to highlight something, the similarities between extortion and what I would describe as ‘Security Scanning’ shame scamming. Now you might think, that’s a massive leap… but bear with me, I’ve been looking at this (CTI/OSINT) plus working with ‘victims’ for years…

I’ll be posting about some research I’ve done on DNSSEC shortly too, I’ve kind of figured this topic was over years ago, but it’s recently come back on my radar, you know sometimes ‘duty calls’. But let’s look at shame based extortion patterns for now:

Education

Active Directory Attacks – “It’s cold out here”

Scenario

In this scenario it is assumed you do not have credentials, but you do have either adjacent or routable access to an Active Directory Domain Controller and can access common ports/services such as: LDAP, LDAPS, SMB, NETBIOS, KERBEROS, DNS

Education

Active Directory Enumeration with ChatGPT

I’ve not slept well for the last week and my brain is hurting, so I thought I would see if I can take our lovely new SKYNET overload AI “CHATGPT” and make it do all my work for me!

A common vulnerability in systems like Active Directory is where a system administrator writes a password in the description field. So the easy answer to this is DO NOT DO THIS. However during penetration testing we want to check. There’s tons of ways to do this but I thought I’d ask our AI roboto to help, so let’s see!