Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Commando VM: An Introduction

Commando VM is a testing platform that Mandiant FireEye created for penetration testers who are more comfortable with the Windows operating system. Windows Commando VM is essentially the sister to Kali Linux, a Linux testing and malware analysis platform widely used by the penetration testing community. These security testing platforms are packaged with all the common solutions and scripts that a pentester would need for offensive testing.

Bypassing MFA with the Pass-the-Cookie Attack

Multi-factor authentication (MFA) is a great way to increase both on-premises and cloud security. With MFA in place, when a user logs on, they are required to provide not only their user ID and password but another authentication factor, such as a code sent to their phone. This process reduces the attack surface by preventing adversaries with stolen user credentials from logging on. However, MFA is not a cybersecurity panacea.

FIM Solutions: Essential Guide

Changes to your IT devices, systems and servers are inevitable — but they can introduce critical security weaknesses. A file integrity monitoring (FIM) solution will track changes to your system and configuration files so you can promptly verify patch rollouts and investigate and mitigate unauthorized modifications — helping your business maintain a strong security posture and ensure ongoing regulatory compliance.

Public Role in SQL Server

Database roles are similar to Windows groups — rather than revoking or granting access to each user separately, administrators manage access by granting or revoking permissions from roles and by changing role membership. Using roles makes it easier to accurately grant and revoke privileges for database users. And since multiple users can be members of a SQL database role, you can easily manage rights for a whole group of users at once.

Internal Reconnaissance Protection using NetCease and SAMRi10

Internal reconnaissance is one of the first steps an attacker will take once they have compromised a user or computer account in your network. Using various tools or scripts, they enumerate and collect information that will help them identify what assets they should try to compromise next to get what they want. For example, BloodHound will map out attack paths that can enable an adversary to escalate their privileges from ordinary user to admin.

Mounting Unix Shares with a Windows NFS Client

Network File System (NFS) is an open standard for distributing a file system across a network for multi-client access. Designed in 1984, NFS has grown to include many authentication methods at both the share (export) and file system levels, including client IP/hostname, auth_sys (Unix auth), Kerberos and NFSv4.x ACLs. This blog post explains how to mount an NFS share on a Windows client.

How To Hide API Keys, Credentials and Authentication Tokens on Github

Back in 2018, GitHub celebrated 100 million open source repositories, and it has only been growing since then. How can you make sure your sensitive credentials and authentication tokens aren’t exposed to access by the public? Read this blogpost to learn how to save your API keys and other important data from being disclosed.

Active Directory Delegation Overview

Understanding Active Directory (AD) permissions is vital for cybersecurity, compliance and business continuity. In this blog, we’ll be going over, at a high level, how Active Directory permission are applied in a domain and how to view them natively. The most common way to apply Active Directory permissions is through the tool Active Directory Users and Computers (ADUC). There are two ways in ADUC to apply permissions: This blog post will cover both of these options.

NIST Password Guidelines

Since 2014, the National Institute of Standards and Technology (NIST), a U.S. federal agency, has issued guidelines for managing digital identities via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, and has been updated as recently as 2019. Revision 4 was made available for comment and review; however, revision 3 is still the standard as of the time of this blog post.