Another “black-hat” site, spyhood, for security practitioners who like to learn from cyber security tools, games and news you can learn from.
The guides are rather trivial (or made trivial:)) with illustrations, step-by-step instructions and screenshots. Just played with the security camera recently.
Got myself a Creality Ender-3 3D printer to play with. A rather nice printer to learn about 3D printing. It comes as an easy to build DIY kit. Continue reading “Just started 3D printing”
I have been using/playing with Azure lately. Everything from server builds, Azure AD, network security and all those magical app services and microservices for AI, cognitive behaviour, threat analytics and more. Playing with Azure is free for a limited subscription with enough cash to play with most (although not resource intensive) services. See here.
Azure security enables you to protect, detect and respond your services. What I find even more interesting from a security perspective is how you can penetration test your Azure ser vices using Kali for Azure. Have not yet tested it out myself, but plan to. It can be acquired here.
Just make sure you let Microsoft know if you plan to pentest something – as you probably would if you tested your corporate network:)
On my Nexus 6P I really love the single-hand Keyboard setup. Hold over the smiley button and the feature appear to the left?
…Google says. Or they don’t actually say so, but their BeyondCorp approach to enterprise security certainly address it. Instead of building a perimeter sound enterprise network, they push security to whom shall access what without building a wall around it. I have tried to split this graphically in four as follows: Continue reading “Move away from the Perimeter”
Looked into the Android SpySMS torjan as they say it has infected 40k users phones. This Mobile Trojan is using SMS as C&C protocol the way IRC C&C were used by PC Trojans back in the days. Got me thinking that the reliable SMS protocol is a nice protocol to control the android bots. The way this app try to block anti-virus from running and the long list of banking apps it controls is rather interesting as this has historically been more adapted by PC trojans and malware.
They do so by providing a Capture The Flag “hacking” challenge environment, open source (at Github) for everyone to play with. Might give it a go one time.
Rank2Traffic is a rather nice service to compare local newspapers or check network traffic trends for public sites over time.
Had an issue with Windows 10 file sharing in my home network the other day. The issue was that when I was to connect one of my Windows machines to the Homegroup, all of them were saying “USER on PC has created a homegroup on the network”, where USER and PC listed on one machine was the one of the other on the network. That was fine, until I were to connect and was promped to enter a password – WHAT PASSWORD?
The reason was aparently that when multiple machines had created a Homegroup for file and printer sharing, none of them showed the Homegroup password to be used.
The solution was apparently (after fidling with it for a while) to turn all machines off, start one of them over again and finally I could establish a Homegroup and got the password required for the other machines to use.
Here is Microsofts response to the issue.
Have been out travelling in south america, and guess what. Corrupted camera memory cards are rather common. Used the simple recovery tool Recuva from Piriform to crawl a friends photos and videos from a corrupted and later formatted memory card. Worked perfectly and best of all it has a great user interface, compared to all those command line forensic toolkits such as Skalpel and Foremost.
Check it out here