Great video from BSides Columbus Ohio 2018 : “Zero to Owned in 1 Hour” That is an interesting review of how the new potential weaknesses are in the Cloud itself. Human Access to the cloud can be a weak point. AWS (Amazon Web Services) Does Multi-factor Authentication work with multiple people running things? Service Provider (cloud … Read more
The attackers are getting better, they are not sitting still. If you are hoping no one will notice you in your personal world … not likely, everyone is a target. In this post lets connect a few dots: SCmagazine story:“Social Media and Engineering Used to spread tempted cedar spyware” So a fake Facebook profile method … Read more
We as Cybersecurity practitioners must use the best tools we can find. So if AI(Artificial Intelligence) can help us we need to use them. Of course we have to use real AI tools, not old tools renamed “AI” to sell more software for a little bit of time. What is the definition of AI ? … Read more
Which Bloodhound might you ask? No not the Dog… But the following program in Kali Linux: Just a slightly different picture and meaning. Cobaltstrike has tested with it and this is his explanation: “BloodHound is a tool to analyze and understand Active Directory Trust Relationships. For an offensive practitioner, this tool can highlight the hops … Read more
Who do I trust when dealing in Security? (definition of ‘trust’ from Google) First impressions count – remember what everyone says… But Wall Street Journal story “The Mistakes You Make In a Meeting’s First Milliseconds” has a communications coach saying that you should not always trust your first impressions. And there is a way to … Read more
