Chat with AI – Cloud Only Hacker

Attackers are increasingly able to meet their objectives by compromising corporate cloud accounts and subsequently moving laterally within the cloud environment, often without needing to breach individual endpoints. Several factors are driving this trend: Expanded Attack Surface in the Cloud: As organizations increasingly adopt cloud services and SaaS solutions, the attack surface has grown larger Read More …

Conference Video – Why We are Not Building a Defendable Internet

In IT security, offensive problems are technical – but most defensive problems are political and organisational. Attackers have the luxury to focus only on the technical aspects of their work, while defenders have to navigate complex political and regulatory environments. In a previous talk (“Rearchitecting a defendable internet”) I discussed what technical measures would yield Read More …

Hacker TV – Kerberoasting & Attacks 101

Want to understand how Kerberos works?  Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …

Month of AI Video – Hacking AI Infrastructure Providers for Fun

An increasing number of companies are adopting AI-as-a-Service solutions to collaborate, train, and operate their artificial intelligence applications. From emerging AI startups like Hugging Face and Replicate to established cloud providers such as Microsoft Azure and SAP, thousands of customers place their trust in these services, relying on them to handle their proprietary models and Read More …

Notes – About GitHub-hosted runners

GitHub offers hosted virtual machines to run workflows. The virtual machine contains an environment of tools, packages, and settings available for GitHub Actions to use. Overview of GitHub-hosted runners Runners are the machines that execute jobs in a GitHub Actions workflow. For example, a runner can clone your repository locally, install testing software, and then Read More …

AZ 900 – Part II – Architecture & Security I

Microsoft Azure is a comprehensive cloud computing platform that provides a wide range of services, including computing power, storage, networking, databases, analytics, and more. Understanding its global infrastructure involves several key concepts: Regions and Availability Zones Regions: Azure is divided into geographic regions, which are clusters of data centers located in specific areas around the Read More …

DDoS – Distributed Denial of Service

A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic. DDoS attacks are executed using multiple compromised computer systems, often referred to as a botnet, which are controlled by the attacker. These botnets Read More …

Initial Experiments – Deep Groove in the Floor

Sometimes I get bored and just start mucking around with #shotcut video editor, and things like these videos come out. Running around Chicago doing errands on a rainy day. #shotcutvideo #collage #collagelife #weird #weirdvisualfx #kaleidoscope #kaleidoscopevideos #kaleidoscopeoflife #driving #lsd #chicago #timelapse #groceryshopping #videotour #slipstream #version #version6 #versionsix #kaleidoscopeart #kaleidoscopevideos #kaleidoscopeeffect #kaleidoscopeworld #kaleidoscopevideo