If you don’t think a password hash is just as good as getting a plaintext password (99% of the time), then you should read this. Several of my clients in the past have downplayed my findings related to the discovery of password hashes, even after I cracked them. This article, like many of my articles, […]
Blog
Citrix XenDesktop Exploit
This is an exploit to gain access to a corporate network through an employee’s unmanaged personal computer via a Citrix XenDesktop VDI. Intro I’m frustrated by the sales pitch for XenDesktop and am concerned for those who have bought into the misleading claim that it is “safe from hackers and protecting the corporate network from […]
Traditional IOCs Suck
Traditional IOCs are lame. Don’t waste your time on traditional Indicators Of Compromise (IOCs) – IPs, domains, URLs, hashes, filenames, etc.. Seriously, buy a vendor product and/or feed that gives you this capability. The payback of traditional IOCs catching commodity malware is low. The payback when it comes to detecting advanced and/or targeted threats with traditional […]