Tag: Targeted Attack

Prologue – Think Like a Hacker

Think Like a Hacker is designed to take an IT professional with an interest in cybersecurity on a journey through how an attacker thinks about a network, while posing new theoretical models on how to analyze their network through the lens of a targeted attacker. This book is not be your typical security book that focuses

Continue reading

Am I Pwned? – 5 simple ways to help determine if you should be concerned about malware you discover on your network

One of the difficulties involved with malware analysis is determining exactly how concerned you should be when you find a new sample on your network.  Categorizing malware does not require high cost tools and access to subscription-only databases (although these can help).  The following is a list of ways to help determine how concerned you should

Continue reading

Understanding MS14-068

In November 2014, Microsoft issued a critical patch addressing a Kerberos issue on domain controllers.  This vulnerability enables an attacker to leverage any authenticated session to create a Kerberos ticket which can have any group membership in the Active Directory domain, to include membership in domain admins, schema admins, enterprise admins, or BUILTIN\Administrators.  In addition, a

Continue reading