Of the 7 black hat white papers I want to focus on the ones that can cause problems for the Cloud Computers. The above diagram is a general diagram of the amount of companies servicing different IT sectors. Security can affect both Cloud and Virtualization. I quickly outlined the problem yesterday near the … Read more
Do you want to get up-to-speed on latest hacker techniques? Snagged this list from reddit: https://www.reddit.com/r/netsec/comments/3fz6z6/blackhat_usa_2015_presentation_slideswhite_papers/cttslpu Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor Crash & Pay: How to Own and Clone Contactless Payment Devices Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer SMBv2: Sharing More than … Read more
Enjoy Cyberjoke Friday Aug, 7, 2015 … from http://www.emailgoodies.faketrix.com/pics-computer-jokes-pc-humor-windows-comedy.htm There is this Cartoon: Found Al Lowe’s humor site – he has a few good Cyber Jokes. here are 2 that I liked. http://www.allowe.com/humor/cj-main/cyberjoke-archive.html#joke=3198 Joke #3198: Two computer geeks were talking. “Guess what?” said one. “What?” said the other. “Yesterday, I met a gorgeous blonde … Read more
Microsoft’s WMI (Windows Management Infrastructure) presentation by Matt Graeber at BlackHat 2015: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf You can easily see from the diagram that WMI is integral to Windows technologies. Matt goes on to create PowerShell code which queries all WMI classes and namespaces. Some interesting class paths that i found interesting: CIMV2:Win32_BIOS CIMV2:Win32_AllocatedResource and more PowerShell seems to … Read more
There are many sites with security policies on the Internet, such as Universities recommending what to do and not do. http://sites.gse.harvard.edu/its/top-10-security-dos-and-donts http://www.feinberg.northwestern.edu/docs/mis/General_Security_Policy.pdf A security policy is a guideline to employees and users of network and computing resources for the safety and security of data and resources. It is good to know what one is supposed … Read more