7MS #518: Interview with Amanda Berlin of Blumira
7 Minute Security27 Huhti 2022

7MS #518: Interview with Amanda Berlin of Blumira

Today we're pumped to share a featured interview with Amanda Berlin, Lead Incident Detection Engineer at Blumira. You might already be familiar with Amanda's awesome Defensive Security Handbook or fine work with Mental Health Hackers. We polled our Slack friends and structured this interview as an AAA (Ask Amanda Anything). That resulted in a really fun chat that covered many things technical and not technical! Questions we posed to Amanda include:
  • Can you tell us more about your infosec superhero origin story and creation of your book?

  • Will there ever be a new version of the Defensive Security Handbook?

  • What blue team certs/YouTube vids/classes/conferences give the best bang for your buck?

  • Was it a mistake to invent computers?

  • From a logging standpoint, what devices provide blind spots (Linux systems, ioT devices, etc.)?

  • You can wave a magic wand and solve any three security challenges instantly - what do you choose?

  • Infosec Twitter drama. Love it? Leave it? Something inbetween?

  • Tips to prevent business email compromise?

  • How do we keep beloved family/friends (who keep falling prey to social engineering campaigns) safer on their computers and on the Web?

  • Our company had a partial ransomware deployment a few years ago. Is changing Active Directory passwords changed and formatting affected systems enough? (Spoiler alert: no. See Microsoft's advice on the topic)

Jaksot(682)

7MS #643: DIY Pentest Dropbox Tips – Part 11

7MS #643: DIY Pentest Dropbox Tips – Part 11

Today we continue where we left off in episode 641, but this time talking about how to automatically deploy and install a Ubuntu-based dropbox!  I also share some love for exegol as an all-in-one Active Directory pentesting platform.

27 Syys 202426min

7MS #642: Interview with Ron Cole of Immersive Labs

7MS #642: Interview with Ron Cole of Immersive Labs

Ron Cole of Immersive Labs joins us to talk pentest war stories, essential skills he learned while serving on a SOC, and the various pentest training and range platforms you can use to sharpen your security skills! Here are the links Ron shared during our discussion: VetSec Fortinet Veterans Program Immersive Labs Cyber Million FedVTE

23 Syys 202442min

7MS #641: DIY Pentest Dropbox Tips – Part 10

7MS #641: DIY Pentest Dropbox Tips – Part 10

Today we’re revisiting the fun world of automating pentest dropboxes using Proxmox, Ansible, Cursor and Level.  Plus, a tease about how all this talk about automation is getting us excited for a long-term project: creating a free/community edition of Light Pentest LITE training!

13 Syys 202427min

7MS #640: Tales of Pentest Pwnage – Part 63

7MS #640: Tales of Pentest Pwnage – Part 63

This was my favorite pentest tale of pwnage to date!  There’s a lot to cover in this episode so I’m going to try and bullet out the TLDR version here: Sprinkled farmer files around the environment Found high-priv boxes with WebClient enabled Added “ghost” machine to the Active Directory (we’ll call it GHOSTY) RBCD attack to be able to impersonate a domain admin using the CIFS/SMB service against the victim system where some higher-priv users were sitting Use net.py to add myself to local admin on the victim host Find a vulnerable service to hijack and have run an evil, TGT-gathering Rubeus.exe – found that Credential Guard was cramping my style! Pulled the TGT from a host not protected with Credential Guard Figured out the stolen user’s account has some “write” privileges to a domain controller Use rbcd.py to delegate from GHOSTY and to the domain controller Request a TGT for GHOSTY Use getST.py to impersonate CIFS using a domain admin account on the domain controller (important thing here was to specify the DC by its FQDN, not just hostname) Final move: use the domain admin ccache file to leverage net.py and add myself to the Active Directory Administrators group

7 Syys 202443min

7MS #639: Tales of Pentest Pwnage - Part 62

7MS #639: Tales of Pentest Pwnage - Part 62

Today’s tale of pentest pwnage talks about the dark powers of the net.py script from impacket.

3 Syys 20247min

7MS #638: Tales of Pentest Pwnage – Part 61

7MS #638: Tales of Pentest Pwnage – Part 61

Today we’re talking pentesting – specifically some mini gems that can help you escalate local/domain/SQL privileges: Check the C: drive! If you get local admin and the system itself looks boring, check root of C – might have some interesting scripts or folders with tools that have creds in them. Also look at Look at Get-ScheduledTasks Find ids and passwords easily in Snaffler output with this Snaffler cleaner script There’s a ton of gold to (potentially) be found in SQL servers – check out my notes on using PowerUpSQL to find misconfigs and agent jobs you might able to abuse!

23 Elo 202432min

7MS #637: BPATTY[RELOADED] Release Party

7MS #637: BPATTY[RELOADED] Release Party

Hello friends, I’m excited to release BPATTY[RELOADED] into the world at https://bpatty.rocks! – which stands for Brian’s Pentesting and Technical Tips for You! It’s a knowledge base of IT and security bits that help me do a better job doing security stuff! Today I do an ACTUAL 7-minute episode (GASP…what a concept!) covering my favorite bits on the site so far. Enjoy!

17 Elo 20247min

7MS #636: A Prelude to BPATTY(RELOADED)

7MS #636: A Prelude to BPATTY(RELOADED)

Artificial hype alert!  I’m working on a NEW version of BPATTY (Brian’s Pentesting and Technical Tips for You), but it is delayed because of a weird domain name hostage negotiation situation.  It’s weird.  But in the meantime I want to talk about the project (which is a pentest documentation library built on Docusaurus) and how I think it will be bigger/better/stronger/faster/cooler than BPATTY v1 (which is now in archive/read-only mode).

12 Elo 202411min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-suoraan-asiaan
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi
rss-raha-talous-ja-politiikka