We then end up with two main classifications of access control: Role-Based Access Control (RBAC). Define the role for the access to data, eg Policy = Subject (AND/OR) Role –> Permissions. Attribute-Based Access Control (ABCL). Define attributes eg Policy = User (role, nationality) AND/OR Resource (department, owner) AND/OR Action AND/OR Context (time, IP, location) -> Read More …
Tag: security
Hacker Video – SIEGECAST: Kerberoasting & Attacks 101
Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …
EDRKillShifter
“EDRKillShifter” is a type of malware specifically designed to disable Endpoint Detection and Response (EDR) security software on a system, allowing attackers to carry out malicious activities like deploying ransomware without detection; it is considered a sophisticated tool often used by cybercriminals to evade security measures. Key points about EDRKillShifter: Function: Its primary purpose is Read More …
How to change user agent in nmap
NMAP How to change user agent You can find the default value in /usr/share/nmap/nselib/http.lua (At the beginning of the file, a couple of lines after the comments) local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)” You can change the value with this line local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; MSIE 9.0; Read More …
What is DTLS and where do I use it?
It’s best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (. ppkg) is a container for a collection of configuration settings. Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily Read More …
SMS Phishing or Spam
I just received an awesome SMS phishing message scam, and I wanted to share with others, to show how to spot the scam. To the right is a photo of it: First, I do read the whole message, and in the second reading that we can really pick it apart. So the message claims to Read More …
Infrastructure Attacks Are Growing
A couple of news articles caught my eye this past week that are quite interesting IMO. Ukraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattack & Attacks on Critical Infrastructure Attributed to Insidious Taurus You have to love the names that the security companies come up with for the other nation state actors. I am Read More …
What is SEO Poisoning?
SEO Poisoning (or Search Engine Optimization Poisoning) is a type of social engineering attack that targets an unsuspecting user, or maybe someone who is in a hurry and not paying close attention. These are typically used by bad guys to fool unsuspecting users into clicking their links and going to the wrong website, or worse Read More …
Find an APT
MITRE Groups Thai CERT – Electronic Transactions Development Agency