How to secure your home against "Internet of Things" and FUD
TL;DR: most of the security news about IoT is full of FUD. Always put the risks in context: who can exploit this, and what can the attacker do with it. Most stories only cover the latter. Introduction: There is rarely a day without news that another "Internet of Things" got hacked ... Read More
Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not.
Introduction: Whenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open WiFi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFi”, etc. What do I think about this? ... Read More
Many ways of malware persistence (that you were always afraid to ask)
TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;) Are you into blue teaming? Have to find those pesky backdoors? This post is not that long, read it ;) In the previous post, I listed different ways a Windows domain/forest can be backdoored ... Read More
Thousand ways to backdoor a Windows domain (forest)
When the Kerberos elevation of privilege (CVE-2014-6324 / MS14-068) vulnerability was made public, the remediation paragraph of the following blog post made some waves: http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx "The only way a domain compromise can be remediated with a high level of certainty is a complete rebuild of the domain." Personally, I agree with this, ... Read More
Hacking freemium games – the evolution of PC game cheating
This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic.I'm also terribly sorry for not posting recently, but I was busy with my SPSE and ... Read More
Change passwords regularly – a myth and a lie, don’t be fooled, part 2
In the previous blog post, I covered the different passwords you have to protect, the attackers and attack methods. Now let's look at how we want to solve the issue. Password requirements: So far we have learned we have to use long, complex, true random passwords. In theory, this is ... Read More
Change passwords regularly – a myth and a lie, don’t be fooled, part 1
TL;DR: different passwords have different protection requirements, and different attackers using various attacks can only be prevented through different prevention methods. Password security is not simple. For real advice, check the second post (in progress). Are you sick of password advice like "change your password regularly" or "if your password is ... Read More
Attacking financial malware botnet panels – SpyEye
This is the second blog post in the "Attacking financial malware botnet panels" series. After playing with Zeus, my attention turned to another old (and dead) botnet, SpyEye. From an ITSEC perspective, SpyEye shares a lot of vulnerabilities with Zeus. The following report is based on SpyEye 1.3.45, which is old, ... Read More
Hacking Windows 95, part 2
In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available ... Read More
DSploit
After playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality. The DSploit ... Read More

