Resources

  • Ruxcon – ruxcon.org.au
    Presentation Slides from Ruxcon Australia

Techniques

  • Kerberoasting Without Mimikatz – www.harmj0y.net
    Thanks to an awesome PowerView pull request by @machosec, Kerberoasting is easier than ever using pure PowerShell. I wanted to briefly cover this technique and its background, how we’ve been using it recently, and a few awesome new developments.
  • Bypassing Two-Factor Authentication on OWA & Office365 Portals – blackhillsinfosec.com
    EWS is a web-based API enabled on Exchange servers that Microsoft recommends customers use when developing client applications that need to interface with Exchange. The API allows for applications to have the ability to interact with email messages, contacts, calendar, and more from user’s mailboxes.

Vulnerabilities

  • Hackers hijack Philips Hue lights with a drone – www.engadget.com
    The Internet of Things is a security nightmare. Anyone who was online a few weeks ago can attest to that. The massive internet blackout was caused by connected devices, and new research from white-hat hackers expounds upon those types of vulnerabilities. The target? Philips Hue smart lightbulbs.

Other News

  • UK government vows to sink $2.3 billion into new cybersecurity plan – arstechnica.com
    Recent research suggested that Britain is particularly susceptible to data breaches involving compromised employee account data. Nonetheless, chancellor of the exchequer Philip Hammond claimed on Tuesday that the country is “an acknowledged global leader in cyber security.”
  • Level 3 drops its packets for hours, causing Internet traffic jam – arstechnica.com
    It was the Tier 1 network service provider Level 3 Communications that was at the center of the problem, which disrupted parts of the Internet’s backbone. But for the moment, it does not appear that the outage was triggered by a denial of service attack or other network attack, like the attack on DNS provider Dyn on October 21.
  • Computer virus attack forces hospitals to cancel operations, shut down systems – www.zdnet.com
    The Northern Lincolnshire and Goole NHS Foundation Trust says a “major incident” has been caused by a “computer virus” which infected its electronic systems on Sunday. As a result of the attack, the hospital has taken the decision to shut down the majority of its computer networks in order to combat the virus.