本エントリは This Week in 4n6 (FourAndSix=Forensics) で紹介された各記事の冒頭を表示し、チェックする記事をザッピングするために自動生成&投稿したものです。4n6 は こちら からご確認いただけます。
PRESENTATIONS/PODCASTS
Elan Wright at ‘DFIR Diva’
YouTube video
Adversary Universe Podcast
Download758“Iran’s digital presence is something we don’t want to underestimate.” Though its cyber activity has been making headlines during a dynamic past few weeks, Iran’s history as a major player in the threat landscape spans decades. In this episode, Adam and Cristian take you back to the days of Stuxnet and trace Iran’s evolution from nascent threat actor to prominent nation-state adversary. Tune in to learn how hacktivism has played a role in its history, why CrowdStrike uses “KITTEN” to ...
Black Hills Information Security
YouTube video
Brought to you by Antisyphon Training — //www.antisyphontraining.com Abusing Active Directory Certificate Services (Part 3) Back to top Black Hills Information Security 890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447) © 2008-2023 About Us | BHIS Tribe of Companies | Privacy Policy | Contact Links Search the site
| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation of the Web Enrollment feature. Active Directory Certificate Services (ADCS) supports HTTP-based enrollment methods. If enabled, HTTP-based certificate enrollment interfaces can be vulnerable to NTLM relay attacks. If an attacker can coerce a victim account to authenticate to the attacker-controlled machine, th...
Brought to you by Antisyphon Training — //www.antisyphontraining.com Talkin’ About Infosec News – 11/09/2023 Back to top Black Hills Information Security 890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447) © 2008-2023 About Us | BHIS Tribe of Companies | Privacy Policy | Contact Links Search the site
Breaking Badness
c3rb3ru5d3d53c
YouTube video
Cellebrite
YouTube video
Digital Forensic Survival Podcast
Hardly Adequate
My Blog • Discord • Socials LinkedIn Twitter • Youtube • Podcasts Hardly Adequate Forensic Focus • CTF • Shop Meet the Team Desi currently works for Dragos and believes in the mission to protect civilisation. He is also a podcast host, educator, student, mentor, ctf player & designer. All his spare time is taken up by fitness, gaming, and of course his dogs. Moxie loves humans and will always take out your shins for a pat. She is on the fence about soft toys but is a firm believer that squeakers...
My Blog • Discord • Socials LinkedIn Twitter • Youtube • Podcasts Hardly Adequate Forensic Focus • CTF • Shop Meet the Team Desi currently works for Dragos and believes in the mission to protect civilisation. He is also a podcast host, educator, student, mentor, ctf player & designer. All his spare time is taken up by fitness, gaming, and of course his dogs. Moxie loves humans and will always take out your shins for a pat. She is on the fence about soft toys but is a firm believer that squeakers...
Huntress
YouTube video
YouTube video
InfoSec_Bret
YouTube video
Intel471
Nov 07, 2023 In one long weekend in May 2023, a cybercriminal gang called Clop conducted one of the largest data breaches on record. It exploited a zero-day vulnerability in enterprise managed file transfer software. The supply-chain attack affected thousands of organizations and millions of people. In an effort to extort victims, Clop published terabytes of data, including health care data, highly personal records and corporate data, on the internet. Some victims paid millions of dollars in ran...
John Hammond
YouTube video
YouTube video
YouTube video
Justin Tolman at AccessData
YouTube video
YouTube video
Karsten Hahn at Malware Analysis For Hedgehogs
YouTube video
YouTube video
MSAB
YouTube video
Sandfly Security
YouTube video
Security Conversations
The Cyber Mentor
YouTube video