Got a friend that received the following mail 8 or 9 times in his inbox and he wondered if I would take a look at it. How can I say no? The mail looked like this: It has been some time since I last reversed something so I taught it would be fun just to […]
I thought I would write this blogpost to describe what I think is best practices in terms of installation of Microsoft Advanced Threat Analytics. The product is meant to reveal advanced attacks in your infrastructure. It is therefore important to understand that you should assume breach when installing this product. This could be a little […]
Since Digicert.com provides free certificates to MVPs, we have added a SSL certificate to our blog and switched to HTTPS on all our traffic. Thank you so much Digicert. This will make sure that all traffic to and from our blog is encrypted. Google has announced that they will use https as a ranking signal […]
Since there has been a lot of writing in Norwegian media about Norwegian Government pages that still uses old protocols and ciphers, I decided to post a PowerShell script I use when I setup Windows Servers in order to disable the old protocols and ciphers. NRK has written in detail how they conducted their research here […]
I often want to show customers how a ransomware attack will affect the business. Finding all the network shares that you have write access to as a normal user can take a lot of time to do manually. As a result of this I have created a script that I have called Ransomware simulator. The […]
Microsoft has announced (https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/) that there is a new group policy setting in macro security that blocks macros from files that arrives from Internet. If there is one setting you should implement in your organization, it is this one. This setting will make attacks through attachments in emails much harder. Microsoft’s Office 365 Advanced Threat […]
I just created a video about AppLocker and how it can make companies more secure. The video is in Norwegian (Sorry to our english readers). My goal with the video is to get companies to focus more on client security. Two days ago we could read about a hospital in Hollywood that was taken offline […]
If there is one session about security I really think you should watch, it is definitely Rob Joyce’s talk at USENIX. Rob Joyce leads the NSAs Tailed Access Operations. They are often referred to as Nation-State hackers. His session is about tips on how to prevent or make it more difficult for Nation-State Hackers to get […]
This might come as a shocker to you (irony), but cyber-criminals use e-mail to attack your users. I feel that client security is something that is often overlooked and IT-pros tend to focus on securing the servers rather than focusing on what is possible to do from the clients within the company network. If you […]
Let’s say you love Armitage ( I do ) and you are doing a pentest assignment and you can only work remotely against a Kali 2.0 vm hosted in a datacenter or something. Armitage is a GUI tool and you really need to have a desktop to use it. Or at least that was what […]