The final day... and it's all about memory. The operating system and some processes' memory contain secrets, such as password hashes and private keys of X.509 certificates. The value of these is very high, as demonstrated not too long ago by the severity of Cloudbleed and a few years ago by Heartbleed. Knowing how to … Continue reading CQURE Academy 5-Day Challenge: Final Day
Read about: Day 1 - Day 2 - Day 3. The fourth day was all about Windows password hashes. The video tutorial by Greg demonstrated how to access the local SAM database on a running computer and how to access the local and domain SAM database offline. I thought I knew a few things about … Continue reading CQURE Academy 5-Day Challenge: Day 4
Wednesday was Day 3 of the 5-day challenge. CQURE appears to be monitoring feedback because they've added a way to comment on and discuss the day's challenge. Nicely done! (Unfortunately, they used Facebook Connect which I would rather stay away from.) Still, it's nice to see them being very responsive! The video tutorial showed different … Continue reading CQURE Academy 5-Day Challenge: Day 3
On day 2, the challenge continued with access management. This time, the video tutorial covered file permissions and how to query them using a variety of script commands. Very useful skills to have if you've ever tried to audit a file server where many people have had their hands in the pot. I didn't fare … Continue reading CQURE Academy 5-Day Challenge: Day 2
CQURE is running an online challenge contest this week (May 8-12, 2017). I am participating and I will blog about the assessment challenge the day after the challenge. These are my notes and lessons learned from the first day challenge. The first day challenged my knowledge of security settings of Windows Services. You too might … Continue reading CQURE Academy 5-Day Challenge: Day 1
No one else I know, until Facebook announced they would buy them. I don't have the WhatsApp app or an account either, so I immediately classified the phishing message below as spam. However, it is a great example of how criminals will use current events in attempts to get their phishing messages looking legitimate. The … Continue reading Who’s heard of WhatsApp? Phishers, that’s who!
A colleague experienced a rather unsettling event today. Their e-mail account was compromised and used to send out scam messages asking for funds to be transferred abroad to most of the e-mail addresses they had ever used to send and receive e-mail. When your e-mail account has been taken over, you're in for a world of … Continue reading Steps to take when your e-mail account has been hacked
Many people have their opinion about passwords and the role they should or should not play in information security. I have an opinion too, but I also realize that today, passwords are simply necessary and we should keep trying to educate end-users about the importance of strong passwords and not re-using them (which is very … Continue reading Google Password Strength Indicator: Weak?
Just another example of this today: I finally got a signup link for the beta of Office 365. I signed up and connected an e-mail account I have at a hosting provider. The hosting provider uses SmarterMail 7 Enterprise Edition. Apparently, all I had to do was input my e-mail address and my e-mail password. … Continue reading Nothing on the Internet is ever, ever deleted
For your day-to-day activities, that is. The blog post below points this out one more time: NEWS: “Removing end user admin rights eliminates 92% of vulnerabilities” This advice holds independent of operating system, version, etc. I do believe though that Vista's User Account Control (UAC) provides significant security and usability benefits by allowing people to … Continue reading Logging On as Administrator is a Bad Idea…