Explaining TTL (Time to Live)

I was explaining to a colleague how TTL works in DNS. Later that evening my Google feed suggested this helpful article;

An Easy Primer on TTL (Time to Live) - KeyCDN Support
TTL, or time to live, is a DNS setting used to determine how long a DNS record should be cached in a local resolver. Learn about its performance benefits.
KeyCDN [https://www.keycdn.com/support/ttl]

Helpful. But creepy.... Google's always listening 🤔…


Blue Team quick wins

Another list of useful techniques for network defenders;

> Due to the massive response on this tweet I got inspired to write a blog post about some easy wins that makes Red Teaming harder. So, giving away 4 free easy wins for Christmas in this post. 🎅 Enjoy https://t.co/2ilhEEaaPM https://t.co/Wpnv378UpS
> — Oddvar Moe (@Oddvarmoe) December 10, 2020 [https://twitter.com/Oddvarmoe/status/1337110114185207815?ref_src=twsrc%5Etfw]

and the blog post to go with it;

4 Free Easy Wins That Make Red Te…


LAPS (Local Administrator Password Solution)

> Writing up a new post on ransomware activity and dropping some instructions on risk mitigation. Not using Microsoft LAPS to randomize local admin passwords? Here is an approach on how to implement in active directory environments: https://t.co/srEWPBEMif
> — Root (@rootsecdev) November 11, 2020 [https://twitter.com/rootsecdev/status/1326542258359840769?ref_src=twsrc%5Etfw]

The repo is here;

rootsecdev/Microsoft-Blue-Forest
Creating a hardened “Blue Forest” with Server 2016/2019 Domain Controll…


Updating Ghost on a Digital Ocean droplet

The missing step from many online articles appears to be the switch to ghost-mgr. After logging into a terminal session;

    # Update package lists
    sudo apt-get update
    # Update installed packages
    sudo apt-get upgrade

*If there is an error (after "apt-get update") downloading from Yarn, run this command:

    curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -

https://github.com/yarnpkg/yarn/issues/7866#issue-558663837

    sudo -i -u ghost-mgr
    cd /var/www/ghost
    ghost backup s…


Lateral Movement to the Cloud with Pass-the-PRT

> I'm a bit surprised that Microsoft doesn't publish guidance around Pass-the-PRT? - I'm confident that this attack will be used a lot in the future, so why wait until it is known? Remember Pass the Hash? It took years until we got a proper guidance for it. https://t.co/lEHu3v3CQF
> — Huy (@DebugPrivilege) November 10, 2020 [https://twitter.com/DebugPrivilege/status/1326123907028570114?ref_src=twsrc%5Etfw]

Lateral Movement to the Cloud | Pass-The-PRT | What Is It & Protecting Yourself
New researc…
