Got Privs? Extract and Crack the Creds – Paul’s Security Weekly #555

In the bad old days we used to exploit LSASS memory to dump hashed credentials from memory. When dealing with a domain controller, and a large environment this is dangerous. This segment will address a safer way to extract hashed credentials from the e… Continue reading Got Privs? Extract and Crack the Creds – Paul’s Security Weekly #555

New POS Malware PinkKite Takes Flight

Researchers shed light on a newly discovered family of point of sale malware that is extremely small in size and adept at siphoning credit card numbers from POS endpoints. Continue reading New POS Malware PinkKite Takes Flight

Microsoft Patches Two Critical Security Vulnerabilities

Microsoft patched two vulnerabilities rated critical that tied to Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS). Continue reading Microsoft Patches Two Critical Security Vulnerabilities