Why Not MITRE TTPs?

MITRE ATT&CK has become very popular in cybersecurity over the last few years, with most vendors rushing to support MITRE’s Tactics, Techniques, and Procedures (TTPs) and ATT&CK Navigator. MITRE even has the MITRE ATT&CK Defender (MAD) certification to learn in-depth knowledge of the framework. In fact, I am an active holder of the MAD certification. With all of the…

HackTheBox – Active Subdomain Enumeration

Some background information, feel free to skip: I’m relatively new to pentesting. I’ve spent my whole career on the blue side, mostly with SIEM technologies. But that’s boring! I want to HACK! So my employer paid for some training and set a goal to finish HackTheBox Bug Bounty course and all TryHackMe modules this year. So I’m documenting my progress,…

HackTheBox Photobomb

Hey guys! This is my first CTF writeup, red teaming is a new thing to me! Let’s get started! I’m starting with Photobomb from HackTheBox. It’s an easy CTF but I’m pretty new to pentesting so it’s a good challenge for me. I’ve been told it’s good practice to add the box name to your /etc/hosts file before you get…

Moving away from GitLab

A few years ago I switched my “business” code from GitHub to GitLab. The reason for this was… well, I was bootstrapping a business. Every dollar counts, and GitHub’s private repos were $5/mo while GitLab was free. Unfortunately almost immediately after I switched everything, Microsoft bought GitHub and started offering free private repos. I should have switched back immediately. But…

Do we still need dedicated security teams?

Dating back for decades now, most major companies and enterprises have had “security” teams. Sometimes called “IT Security” or “infrastructure security” or something along those lines. This group was responsible for everything from security policies to risk reviews to approving firewall changes. Sometimes they’d own things like IDS/IPS, anti-virus, and often strictly security tools like a SIEM, a WAF, or…

People Are Dying Now

As widely reported across the Internet, a woman has died as the result of a ransomware attack. I want to say that this drives home the importance of information security, but the reality is, this isn’t the first time someone’s life was ruined by security breaches. It might be the first time someone has died, but Stuxnet and Equifax and…

Are you defending the Maginot Line?

The Maginot Line in World War II was the French defense against invading German forces. It covered almost the entire perimeter of the country, was impervious to attacks from the air or ground, and had backup supply lines on the inside of the perimeter. It was well staffed with trained and experienced soldiers. It was hugely expensive, state-of-the-art, and considered…

Security should break your company

(At the time I wrote this (2017), I had never heard of “zero trust networking”. Looking back, that’s what I’m describing in this post. If you’re interested in these concepts, please read up on zero trust.) The way we are dealing with security is all wrong. No one can deny it, but no one is doing anything about it. Why?…