Oct 17, 2019
AD - Account Lockout vs Disabled —
Disabling an account in AD isn't instant, but a lockout is.Oct 8, 2019
Lol ANU —
Some place got hacked, it's clearly sophisticated and not at all a result of shitty security, old systems.Aug 31, 2019
On the viability of memory forensics in compromised environments —
When a machine is owned, can you really trust it to give you reliable data for incident response?Aug 13, 2019
K8s config maps don't update in pods when mounted as volumes —
K8s oddities to keep in mind - changes to configmaps don't get reflected in realtime to podsAug 12, 2019
DMA attacks with the PCIscreamer —
DMA attacks - more practical than you think, so much so that the average pentester could do itAug 6, 2019
Shitty Pentest Findings - Password Autocomplete Enabled —
If you had a pentest and it had a finding of 'Password autocomplete enabled', it was probably a shitty pentestAug 5, 2019
Jumpboxes are not a mitigation for credential theft —
Advice no one reads from Microsoft, but probably should have. Jumpservers are Fake News(TM)Aug 4, 2019
RVTools —
Hardcoded encryption keys in sysadmin toolsJul 26, 2019
M$ - AlwaysOn VPN first thoughts —
AlwaysOn, initial thoughts and ideasJul 25, 2019
Shitty sysadmins - Applocker —
Applocker - 'May provide protection without being able to provide a robust defence'