Informational

External/Internal, Informational, InfoSec 101, John Malone, Password Spray, Red Team

Hacking with Hydra

What is Hydra? Hydra is a tool that can be used for password spraying. Let’s begin by defining the term “password spray.” A password spray is where an attacker defines […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, LLMNR, Red Team

Bypass NTLM Message Integrity Check – Drop the MIC

In An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit, Jordan Drysdale shared the dangers of lack of SMB Signing requirements and […]

Read the entire post here

Informational

Rooting For Secrets with TruffleHog

The potential leaking of confidential information can pose a significant security risk for any organization. When sensitive details (i.e., API keys, passwords, cryptographic keys, and other credentials) are unintentionally committed […]

Read the entire post here

Blue Team, Blue Team Tools, Guest Author, How-To, Informational art, cdr, cloud, falco, ids, realtime, tests

Better Together: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco

| Nigel Douglas As a Developer Advocate working on Project Falco, Nigel Douglas plays a key role in driving education for the Open-Source Detection and Response (D&R) segment of cloud-native […]

Read the entire post here

Blue Team, General InfoSec Tips & Tricks, Incident Response, Informational, Patterson Cake OSINT

OSINT for Incident Response (Part 1)

Being a digital forensics and incident response consultant is largely about unanswered questions. When we engage with a client, they know something bad happened or is happening, but they are […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, Jordan Drysdale Advice from a Help Desk Tech, Networking

The Simplest and Last Internet-Only ACL You’ll Ever Need

tl;dr Implement this ACL using whatever network gear, cloud ACL config, or uncomplicated firewall you use to protect your networks. Our IOT devices are on 10.99.99.0/24 for this example. Also, […]

Read the entire post here

Informational, Podcasts

Talkin’ About Infosec News – 11/13/2023

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Informational, InfoSec 101, Serena DiPenti internet protocol, IP, Networking

Unpacking the Packet: Demystifying the Internet Protocol

The internet is a product of a global group effort to build an interoperable network connecting billions of devices, regardless of country, region, or manufacturer. That effort yielded hundreds of […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Red Team Active Directory, ADCS, exploit

Abusing Active Directory Certificate Services (Part 3)

| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]

Read the entire post here

«‹ 4 5 6 7 ›»