Bart Kulach has a pdf from this year’s Defcon23 “Hack the Legacy! IBMi (aka AS/400) revealed” He recommends to check the website he set up http://www.hackthelegacy.org/ The items he has focused on are the privilege escalation issue in this slide: There are some good suggestions for a standard audit of your AD Check your group … Read more
Grant Bugher with perimetergrid.com had a talk on the DEFCON101 track. “Obtaining and Detecting Domain Persistence” As the slide above states, it is not about _how_ to hack a domain. But assuming someone has – now what? 1st Process start command line logging and PowerShell logging enabled on all systems. 2nd SysMon(Sysinternals Monitoring Service) … Read more
Let’s look at Will and Guy’s joke site today(08/14/2015): http://www.guy-sports.com/humor/computers/computer_jokes.htm (image from guy-sports.com) E-mail communication can always cause problems… 🙂 Mystery Joke: (a bit dated …) {Ricky, a customer, visits PC Express, the computer store, ‘I’m looking for a mystery Adventure Game with lots of graphics. You know, something really challenging.’ ‘Well,’ replies the … Read more
According to TonyZ (Fixvirus.com) DefCon23 100 talks and pdf’s I chose 3 to focus on: Added a fourth later in day :). Created a separate post with another-5th: http://oversitesentry.com/defcon-talk-your-domain-is-compromised-now-what/ ) Risk discussion: Bruce Potter A hacker’s Guide to Risk Risk”vs.”Threat”vs.”Vulnerability Risk”tends”to”be”bigger/more”general”than”threat.” Multiple”threats”can”role”up”in”to”a”single”risk Threats”rely”on”vulnerabilities”to”be”realized and more good risk info… to come. WiFi IDS/Firewall for windows: Vivek Ramachandran There is … Read more
SIEM Security Information Event Management Gartner Magic Quadrant image from http://www.gartner.com/technology/reprints.do?id=1-2J31FF4&ct=150706&st=sb Gartner What is it that we need? To protect our systems and perform functions? Good information from all of our devices. The above diagram is Gartner’s magic Quadrant for SIEM – Security Information Event Management, so the top products/companies are IBM Security, Splunk, … Read more