One question that I get a lot, whether it’s from students, current or hopeful IT folks or just curious folks who wonder how one gets into this line of work, is “How do / can I get started hacking?” or “How do / can I get started on the red team?”. I’ve heard tons of […]
What is RDP? Remote Desktop Protocol, or RDP, is a tool that many organizations leverage to allow users to access systems remotely. It’s built into all modern versions of Windows, is easy to enable, typically uses the same username and password used to access other systems (laptop, desktop, email, etc.) and offers a full desktop […]
The open-source encryption software and successor to Truecrypt Veracrypt has been updated to v1.19 to address vulnerabilities discovered in a recently completed code audit. The update addresses all critical, medium and low-risk vulnerabilities and workarounds have been provided for those vulnerabilities not yet addressed. The audit was completed against Veracrypt v1.18 and was completed on […]
When I meet people and tell them what we do (I usually lead with ‘Offensive Security’, that seems to be a real conversation starter), the conversation almost always ends up going something like “What is a vulnerability assessment, what is a penetration test, do I need one and, if so, which one do I need?” […]
I just finished reading this article titled “Hacking a Penetration Tester” and made a few notes that I thought may be helpful to pass along. The basic premise of the article is that the author (Wesley McGrew) and his team were conducting a penetration test and found a Meterpreter shell that had been left behind […]
We’ve all seen the movies and television shows where ‘hackers’ use elaborate tools to break into networks and, once in, use more elaborate tools to move around undetected doing whatever they set out to do. It’s true, there are some pretty cool tools out there (a few noted below) but, as this article at Threatpost […]
DEF CON 24 is now less than 2 months away and the schedules are starting to finalize. Below is a link to the DC24 workshops and I’ll try to post the other schedules (villages, skytalks, etc.) as I catch them. https://defcon.org/html/defcon-24/dc-24-workshops.html
Memorial Day is the day set aside each year for us to give thanks to the men and women who have given their lives defending the freedom and way of life that we enjoy as Americans. On behalf of a grateful nation, we thank you and are eternally grateful. Photo Credit
The blockchain’s current and first killer app is Bitcoin, the secure, anonymous digital currency or cryptocurrency. Cryptocurrencies like Bitcoin have gotten a lot of press lately because they are the defacto standard method that Ransomware accepts payment (because it’s secure and anonymous). Like Bitcoin though, the blockchain has a lot of uses outside of just […]
Backstory So, the basic story is this. Alice‘s company is hired by Bob to conduct a penetration test against Bob’s company. Bob is pretty sure that the network is secure but he’s hearing a lot of stories about how Mallory is wreaking havoc on law firms, medical facilities and even high end managed [technical] services […]