On Purple

The “Purple Team” term has been flying around for a while now and it is an important development in our growth as an industry. If you haven’t heard the term before, it is a sharing and collaboration between the Red Team (offense) and the Blue Team...

Logging Passwords on Linux

Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on the command line. Linux PAM (Pluggable Authentication Modules) are a flexible method of implementing...

Germany Says Auf Wiedersehen to Hi-Tech Doll

The German government has banned a hi-tech doll that has given U.S. privacy groups and Red Siege founder, Tim Medin, concerns for years. The My Friend Cayla doll, which remains on sale in the U.S., violates a portion of the German statute that “prohibits the...

Beyond Net User – Part 2: DS Commands

In the previous post we discussed some of the limitations of Net commands. Most notably, the output limitation (doesn’t show all groups) and it doesn’t allow for flexible searching. In this post we’ll discuss the DS commands to get around these...