Discussion of public breaches of security
Bart Kulach has a pdf from this year’s Defcon23 “Hack the Legacy! IBMi (aka AS/400) revealed” He recommends to check the website he set up http://www.hackthelegacy.org/ The items he has focused on are the privilege escalation issue in this slide: There are some good suggestions for a standard audit of your AD Check your group … Read more
SIEM Security Information Event Management Gartner Magic Quadrant image from http://www.gartner.com/technology/reprints.do?id=1-2J31FF4&ct=150706&st=sb Gartner What is it that we need? To protect our systems and perform functions? Good information from all of our devices. The above diagram is Gartner’s magic Quadrant for SIEM – Security Information Event Management, so the top products/companies are IBM Security, Splunk, … Read more
Do you want to get up-to-speed on latest hacker techniques? Snagged this list from reddit: https://www.reddit.com/r/netsec/comments/3fz6z6/blackhat_usa_2015_presentation_slideswhite_papers/cttslpu Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor Crash & Pay: How to Own and Clone Contactless Payment Devices Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer SMBv2: Sharing More than … Read more
Microsoft’s WMI (Windows Management Infrastructure) presentation by Matt Graeber at BlackHat 2015: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf You can easily see from the diagram that WMI is integral to Windows technologies. Matt goes on to create PowerShell code which queries all WMI classes and namespaces. Some interesting class paths that i found interesting: CIMV2:Win32_BIOS CIMV2:Win32_AllocatedResource and more PowerShell seems to … Read more
As we prepare for the next attack (also waiting for BlackHat2015) I remember the Pearl harbor movie: TORA!TORA!TORA! 1970 Classic Tora Tora Tora トラ・トラ・トラ means “We have achieved complete surprise” in Japanese codeword. A translation is Tiger. Tora (Tορα) is translated to “now” from Greek. Torah is the law in hebrew or better known as the … Read more