Education
Kerberoasting, a technique for offline cracking of Kerberos service account passwords in Active Directory environments, was publicly introduced and detailed by Tim Medin in his research paper and Black Hat USA 2014 presentation titled “Attacking Microsoft Kerberos: Kicking the Guard Dog of Hades.”
Read more “Kerberoasting History”
Breach
Are we stuck in a cyber world that never learns? are we doomed to suffer the same fate over and over again? Well, not if you take action, you can totally prevent events like this!
This is a fast post using an LLM to analyse the Capita redacted ICO report. Hopefully it will help people think about things and take the lessons and apply them in their own organisations.
Read more “Ransomware kill chains are boring.. will we ever learn?”
Education
“Juice jacking” has become a modern cybersecurity myth — a catchy scare story built on a long-patched Android debugging issue and fueled by viral fear rather than facts. Despite years of warnings, there are no confirmed cases of real-world juice jacking attacks; the cost, effort, and low reward make it an impractical method for criminals. Yet the myth persists because it’s vivid, simple, and scary — everything our brains latch onto. The real danger is not the USB port at the airport, but the distraction such myths create. When people focus on imaginary threats, they waste precious attention that should go toward genuine risks like weak passwords, missing MFA, unpatched systems, and poor backups. So let’s take a bit of a deeper dive into this subject, because by it’s important to understand what to, and what not to focus on in my experience!
Read more “A threat to sanity – Cyber Myth: Juice Jacking”
News
Firewalls are often both a defended gate but also the front door to access corporate network. That is all lovely until it’s not! You see so many corporate network intrusion incidents occur from threat actors simply logging into the VPN (due to lack of VPN), and then we have the software vulnerabilities where they shell their way in, but did you think that another way could be from stealing all the backups from a ‘security’ provider? Well now you might! There’s been bit of an incident (one that started as it’s only 5% of customers but actually it was 100% of customers who used the backup feature! YIKES), but before that let’s look at the typical landscape!
Read more “‘Secure’ Firewall backups, until they are not!”
Guides
This weekend I was running a workshop with my awesome friend James, where we were discussing the realities of wireless network security, man in the middle attacks and what we have found in the field, both from an offensive perspective and as corporate network defenders. As with all things in life, sometime reality doesn’t work quite as well as a demo! So I’ve done a quick thread on twitter showing the kill chain an adversary can deploy when attacking WPA2 PSK (without PMF enforced) networks. This is written as a twitter thread so bear with the style!
Read more “Breaching WPA2 PSK Wireless Networks”
Defence
If you are are a victim of unauthorised mailbox access and/or attempted fraud via mailbox compromise (BEC) then you know that one of the tasks outside of understanding how the compromise has occurred, what configurations have been tampered with, removing devices and resetting usernames/passwords (and tokens/MFA) etc. is to start to understand the data breach impact.
If someone has logged into a mailbox it’s very very unlikely that zero data has been accessed!
News
Ok with my AI companion GROK I’ve gone exploring on the differences between Japan’s new cyber laws and the UK! This is more GROK than me, but I thought people might find this interesting!
Read more “Japan goes on the Cyber Offensive”
Threat Intel
Motivation and a diverse network of people and capabilities can go a long way, then add in digital skills and winning steak… and you have: scattered spider!
There’s a big difference between zero day spraying the internet and planting webshells or copying someone’s open S3 bucket and say…. doxing staff, their families and attacking them and their assets in the real and digital worlds.
I think people won’t broadly grasp the effects that can be achieved (harm) when the adversary is motivated, dedicated, capable, resourced and has very little moral qualms.
There is no magic bullet to defend against an adversary like this, you need a whole of organisation defence (and to pursue even more than that!).
Read more “An evolution of threat actor”
Threat Intel
Defending against different skilled threat classes is an important thing to consider when you are planning, designing and operating a business. I’ve used GROK (AI) to create an html page which has both information on the kill chains, but also looks at countermeasures. I’m experimenting lots with VIBE coding and LLM assisted content generation so hopefully this proves useful. I do feel it needs a more human touch added as well… but let’s see! life without experimentation would be dull would it not!
Read more “Defending Against Scattered Spider”
Education
[This is why we need humans and not AI to write things!]
This is what an LLM said about my Cyber Noir game…. I think this is going to need me to write something! But that will come another day, today you can enjoy how humans are, not entirely replaced yet!
Enjoy! (perhaps just play the game!)
https://mr-r3b00t.github.io/cyber-detective
In the neon-drenched streets of Neon City, where high-tech crime and shadowy conspiracies collide, a new kind of detective story awaits. Cyber Noir Detective, an innovative choose-your-own-adventure game, invites players to step into the shoes of Riley Voss, a seasoned investigator tasked with thwarting a catastrophic cyber breach at NexCorp. This browser-based experience, crafted by cybersecurity experts at PwnDefend, blends immersive storytelling with subtle educational insights, making it a must-play for fans of interactive fiction, cyberpunk aesthetics, and digital security.
Read more “Unravel the Mystery of Cyber Noir Detective: A Thrilling Interactive Adventure”