Beau Bullock – WindowsTechs.com

Evading Network-Based Detection Mechanisms – Tradecraft Security Weekly #24

Posted on March 29, 2018 by Security Weekly Productions

In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pente… Continue reading Evading Network-Based Detection Mechanisms – Tradecraft Security Weekly #24→

Google Event Injection – Tradecraft Security Weekly #20

Posted on November 3, 2017 by Paul Asadoorian

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven’t been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events […]

The post Google Event Injection – Tradecraft Security Weekly #20 appeared first on Security Weekly.

Continue reading Google Event Injection – Tradecraft Security Weekly #20→

Meterpreter with Categorized Domains & Trusted Certs – Tradecraft Security Weekly #4

Posted on June 3, 2017 by Paul Asadoorian

It is common for organizations to proxy web traffic so they can place restrictions on what websites can be visited by employees. To make the management of allowing or denying access to a large number of sites easier many web proxies utilize categorizat… Continue reading Meterpreter with Categorized Domains & Trusted Certs – Tradecraft Security Weekly #4→

Attacking Exchange/OWA to Gain Access to AD Accounts – Tradecraft Security Weekly #3

Posted on May 30, 2017 by Paul Asadoorian

Microsoft Exchange and Office365 are extremely popular products that organizations use for enterprise email. These services can be exploited by remote attackers to potentially gain access to Active Directory user credentials. In this Tradecraft Securit… Continue reading Attacking Exchange/OWA to Gain Access to AD Accounts – Tradecraft Security Weekly #3→

Windows Privilege Escalation Techniques (Local) – Tradecraft Security Weekly #2

Posted on May 18, 2017 by Paul Asadoorian

In episode 2 of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses Windows privilege escalation techniques. There are many reasons why normal employees should not be local administrators of their own systems. Network administrators tend to l… Continue reading Windows Privilege Escalation Techniques (Local) – Tradecraft Security Weekly #2→

Paul’s Security Weekly #496 – Tech Segment: Bypassing AV on Android, Beau Bullock

Posted on January 16, 2017 by Paul Asadoorian

Beau Bullock shows us how to bypassing antivirus software using Android in this week’s tech segment! Full Show Notes Subscribe to YouTube Channel Security Weekly Website Follow us on Twitter: @securityweekly http://traffic.libsyn.com/pauldotcom,pswonly/Pauls_Security_Weekly__496_-_Tech_Segment_Bypassing_AV_on_Android_Beau_Bullock_converted.mp3 Continue reading Paul’s Security Weekly #496 – Tech Segment: Bypassing AV on Android, Beau Bullock→

Hack Naked News #104 – December 28, 2016

Posted on December 31, 2016 by Paul Asadoorian

Two critical vulnerabilities you will want to patch before 2017 and a free tool to keep ransomware off the new gadgets you received over the holidays. Full Show Notes Visit http://hacknaked.tv to get all the latest episodes! http://traffic.libsyn.com/p… Continue reading Hack Naked News #104 – December 28, 2016→

Hack Naked News #104 – December 28, 2016

Posted on December 31, 2016 by Paul Asadoorian

Outlook Web Access Two-Factor Authentication Bypass Exists

Posted on November 3, 2016 by Michael Mimoso

Two-factor authentication protecting Outlook Web Access and Office 365 portals can be bypassed-and the situation likely cannot be fixed, a researcher has disclosed. Continue reading Outlook Web Access Two-Factor Authentication Bypass Exists→