Detecting Kerberoasting

Kerberoasting is an effective method for privilege escalation, pivoting, and even persistence. Let’s take a look at ways to detect (and prevent) this attack. Jump to the portion of this post you are looking for: Background Authentication Process Attack Detection...

On Purple

The “Purple Team” term has been flying around for a while now and it is an important development in our growth as an industry. If you haven’t heard the term before, it is a sharing and collaboration between the Red Team (offense) and the Blue Team...

Logging Passwords on Linux

Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on the command line. Linux PAM (Pluggable Authentication Modules) are a flexible method of implementing...

Germany Says Auf Wiedersehen to Hi-Tech Doll

The German government has banned a hi-tech doll that has given U.S. privacy groups and Red Siege founder, Tim Medin, concerns for years. The My Friend Cayla doll, which remains on sale in the U.S., violates a portion of the German statute that “prohibits the...