7 Minute Security27 Mars 2019

7MS #355: Mousejacking!

This episode is brought to you by Netwrix Auditor, which empowers IT pros to detect, investigate and resolve critical issues before they stifle business activity, and proactively identify and mitigate misconfigurations in critical IT systems that could lead to downtime.

In this episode, we talk about the Mousejacking attack, which allows someone with a crazy radio (or other similar device) to inject keystrokes into vulnerable keyboards and mice. Yikes!

Not trying to be a doom and gloom guy here, but using this Mousejacking attack, pentesters/attackers could take over your entire Active Directory in just seconds - from the parking lot! I'll talk about how exactly that could be done - as well as ways to defend against mousejacking - in today's episode.

If this episodes primes your appetite for more Mousejackin' fun, join me and my pals Paul and Dan for a deep-dive Mousejacking Webinar on Tuesday, April 2 at 12 p.m. CST!

Some resources talked about in today's episode:

Mousejack.com - great demo video of the attack
Crazy Radio PA - one hardware option to perform mousejacking attacks
Custom mousejacking firmware for Crazy Radio PA
Jackit - tool for conducting mousejack attacks
A cool Twitter thread on using mousejacking for pentests
Vulnerable devices - nice repository of devices known to be susceptible to mousejacking attacks

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(690)

7MS #113: Big Bag of Random Security Stuff

Yep, this episode is EXACTLY what the title implies.

27 Nov 201510min

7MS #112: This is Sparta!

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now!

25 Nov 20158min

7MS #111: Hacking WPA Enterprise-Part 2

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

20 Nov 20156min

7MS #110: Hacking WPA Enterprise-Part 1

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/index.php/evil-twin-attack-using-hostapd-wpe/

17 Nov 20158min

7MS #109: OFFTOPIC-It Follows and Backcountry

Movie reviews of It Follows and Backcountry.

13 Nov 20157min

7MS #108: I'm Going to PWAPT!-Part 2

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

11 Nov 201510min

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Nov 20157min

7MS #106: A Day in the Life of an Information Security Analyst

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

30 Okt 201510min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/mån

Tillgång till alla Premium-poddar
Lyssna utan reklam
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/mån

Tillgång till alla Premium-poddar
Lyssna utan reklam
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium