by Tim Medin | Oct 21, 2020 | Blog Posts
Kerberoasting is an effective method for privilege escalation, pivoting, and even persistence. Let’s take a look at ways to detect (and prevent) this attack. Jump to the portion of this post you are looking for: Background Authentication Process Attack Detection...
by Tim Medin | Aug 27, 2019 | Uncategorized
by Tim Medin | Jul 12, 2019 | Blog Posts
The “Purple Team” term has been flying around for a while now and it is an important development in our growth as an industry. If you haven’t heard the term before, it is a sharing and collaboration between the Red Team (offense) and the Blue Team...
by Tim Medin | May 30, 2019 | Blog Posts
Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on the command line. Linux PAM (Pluggable Authentication Modules) are a flexible method of implementing...
by Tim Medin | Mar 28, 2018 | Blog Posts
The German government has banned a hi-tech doll that has given U.S. privacy groups and Red Siege founder, Tim Medin, concerns for years. The My Friend Cayla doll, which remains on sale in the U.S., violates a portion of the German statute that “prohibits the...