7MS #365: Interview with Ryan Manship and Dave Dobrotka - Part 3
7 Minute Security30 Maj 2019

7MS #365: Interview with Ryan Manship and Dave Dobrotka - Part 3

This episode of the 7 Minute Security Podcast is brought to you by Authentic8, creators of Silo. Silo allows its users to conduct online investigations to collect information off the web securely and anonymously. For more information, check out Authentic8.

First, a bit of miscellany:

  • If you replace "red rain" with "red team" in this song, we might just have a red team anthem on our hands!

  • If you're in the Twin Cities area and looking for an infosec analyst job, check out this posting with UBB. If interested, I can help make an electronic introduction - and/or let 'em know 7 Minute Security sent ya!

Ok, in today's program we're talking about red teaming again with our third awesome installment with Ryan and Dave who are professional red teamers! Today we cover:

  • Recon - it's super important! It's like putting together puzzle pieces...and the more of that puzzle you can figure out, less likely you'll be surprised and the more likely you'll succeed at your objective!

  • Reporting - how do you deliver reports in a way that blue team doesn't feel picked on, management understands the risk, and ultimately everybody leaves feeling charged to secure all the things?

I also asked the questions folks submitted to me via LinkedIn/Slack:

  • Any tips for the most dreaded part of an assessment (reports)?

  • How do you get around PowerShell v5 with restrict language mode without having the ability to downgrade to v2?

  • What's an alternative to PowerShell tooling for internal pentesting? (hint: C# is the hotness)

  • What certs/skills should I pursue to get better at red teaming (outside of "Hey, go build a lab!").

  • Are customers happy to get assessed by a red team exercise, or do they do it begrudgingly because of requirements/regulations?

Avsnitt(688)

7MS #552: Tales of Pentest Pwnage - Part 45

7MS #552: Tales of Pentest Pwnage - Part 45

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Today's tale of pentest pwnage covers some of the following attacks/tools: Teleseer for packet capture visualizations on steroids! Copernic Desktop Search Running Responder as Responder.py -I eth0 -A will analyze traffic but not poison it I like to run mitm6 in one window with mitm6.py -i eth0 -d mydomain.com --no-ra --ignore-nofqdn and then in another window I do ntlmrelayx.py -6 -wh doesntexist -t ldaps://ip.of.the.dc -smb2support --delegate-access > relaysRphun.log - that way I always have a log of everything happening during the mitm6 attack Vast.ai looks to be a cost-effective way to crack hashes in the cloud (haven't tested it myself yet)

24 Dec 202257min

7MS #551: Interview with Matt Warner of Blumira

7MS #551: Interview with Matt Warner of Blumira

Today we welcome our pal Matthew Warner (CTO and co-founder of Blumira) back to the show for a third time (his first appearance was #507 and second was #529). I complained to Matt about how so many SIEM/SOC solutions don't catch early warning signs of evil things lurking in customer networks. Specifically, I whined about 7 specific, oft-missed attacks like port scanning, Kerberoasting, ASREPRoasting, password spraying and more. (Shameless self-promotion opportunity: I will be discussing these attacks on an upcoming livestream on December 29). Matt dives into each of these attacks and shares some fantastic insights into what they look like from a defensive perspective, and also offers practical strategies and tools for detecting them! Note: during the discussion, Matt points out a lot of important Active Directory groups to keep an eye on from a membership point of view. Those groups include: ASAAdmins Account Operators Administrators Administrators Backup Operators Cert Publishers Certificate Service DCOM DHCP Administrators Debugger Users DnsAdmins Domain Admins Enterprise Admins Enterprise Admins Event Log Readers ExchangeAdmins Group Policy Creator Owners Hyper-V Administrators IIS_IUSRS IT Compliance and Security Admins Incoming Forest Trust Builders MacAdmins Network Configuration Operators Schema Admins Server Operators ServerAdmins SourceFireAdmins WinRMRemoteWMIUsers WorkstationAdmins vCenterAdmins

16 Dec 20221h 10min

7MS #550: Tales of Pentest Fail - Part 5

7MS #550: Tales of Pentest Fail - Part 5

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Hey friends, today's episode is extra special because it's our first episode we've ever done live and with video(!). Will we do it again? Who knows. But anyway, we had a fun time talking about things that have gone not so well during pentesting lately, specifically: Things we keep getting caught doing (and some potential ways to not get caught! Responder SharpHound CrackMapExec - specifically running -x or -X to enumerate systems PowerHuntShares "FUD sprinklers" - people who cast fear, uncertainty and doubt on your pentest findings A story about the time I took down a domain controller (yikes)

9 Dec 202252min

7MS #549: Interview with Christopher Fielder and Daniel Thanos of Arctic Wolf

7MS #549: Interview with Christopher Fielder and Daniel Thanos of Arctic Wolf

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today my friends Christopher Fielder and Daniel Thanos from Arctic Wolf chat with me about what kinds of icky things bad guys/gals are doing to our networks, and how we can arm ourselves with actioanble threat intelligence and do something about it! P.S. This is Christopher's seventh time on the program. Be sure to check out his first, second, third, fourth, fifth and sixth interviews with 7MS.

2 Dec 20221h 1min

7MS #548: Tales of Pentest Pwnage - Part 44

7MS #548: Tales of Pentest Pwnage - Part 44

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Happy belated Thanksgiving! This is not a brag or a flex, but this episode covers a coveted achievement I haven't achieved in my whole life...until now: TDAD: Triple Domain Admin Dance!!!!1111!!!1!1!!!! We talk about the fun attack path that led to the TDAD (hint: always check Active Directory user description fields!), as well as a couple quick, non-spoilery reviews of a few movies: V for Vendetta and The Black Phone.

25 Nov 202250min

7MS #547: Tales of Pentest Pwnage - Part 43

7MS #547: Tales of Pentest Pwnage - Part 43

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're talking about tales of pentest pwnage - specifically how much fun printers can be to get Active Directory creds. TLDL: get into a printer interface, adjust the LDAP lookup IP to be your Kali box, run nc -lvp 389 on your Kali box, and then "test" the credentials via the printer interface in order to (potentially) capture an Active Directory cred! Today we also define an achievement that's fun to unlock called DDAD: Double Domain Admin Dance.

18 Nov 202242min

7MS #546: Securing Your Mental Health - Part 3

7MS #546: Securing Your Mental Health - Part 3

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're talking about securing your mental health! I share some behind-the-scenes info about my own mental health challenges, and share a great tip a counselor gave me for getting into a good headspace before heading into a difficult conversation/situation.

11 Nov 202239min

7MS #545: First Impressions of Snipe-IT

7MS #545: First Impressions of Snipe-IT

Today’s episode of the 7 Minute Security podcast is brought to you by Blumira, which provides easy-to-use automated detection and response that can be set up in…well..about 7 minutes. Detect and resolve security threats faster, and prevent breaches. Try it free today at blumira.com/7ms. Hey friends, today we're giving you a first impressions look at a free easy asset management tool called Snipe-IT you can use to build your inventory with! Why is this important? Because it's the first critical security control! It might help to see this tool in action, so we invite you to check out our recent Twitch stream where we got it up and running in about 45 minutes.

4 Nov 202240min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
svd-dokumentara-berattelser-2
rss-viva-fotboll
flashback-forever
rss-sanning-konsekvens
aftonbladet-daily
rss-vad-fan-hande
olyckan-inifran
motiv
rss-krimstad
dagens-eko
fordomspodden
krimmagasinet
rss-frandfors-horna
rss-expressen-dok
blenda-2
rss-krimreportrarna
svd-nyhetsartiklar
kungligt