Collaborate Disseminate
Recent phishing emails claim to offer a COVID-19 grant application from the SBA but are actually looking to capture banking details and other confidential data, says Inky.
The post Credential phishing attacks continue to exploit COVID-19 to target busi… Continue reading Credential phishing attacks continue to exploit COVID-19 to target businesses
I am working on some research and I am trying to unpack exactly how NotPetya used the eternalblue vulnerability to spread across networks. My understanding of the SMBv1 Protocol is that it would not be used to communicate outside of a LAN … Continue reading EternalBlue Across Networks
Back in March, Microsoft started testing a new SMB authentication… Continue reading Microsoft to Enable SMB Authentication Rate Limiter By Default in Windows 11
While analyzing Wireshark traffic, I am trying to find the SID for a specific username (e.g. "Timothy") in the SMB traffic. I am able to view the files and the username needed during login, but I am unable to find the SID.
How ca… Continue reading How to find the SID (Security Identifier) in SMB in Wireshark
I’ve recently eradicated Active Directory from my network. However, I’m having trouble verifying there is no issue with sharing files using a local account instead of a domain account.
I have exactly one server I was unable to convert to u… Continue reading Possible pitfalls with filesharing using local account instead of domain account
We have Alation Data Catalog and Azure Purview however both are for RDBMS and don’t support file servers and shares. We have about 1,000 servers …
Outside of Excel, is there a preferred tool for managing an inventory of file servers? All… Continue reading Best tool for cataloging and inventory of file servers and shares
Microsoft has announced a free one-to-one consultation service for small… Continue reading Microsoft Announces Free 1:1 Consultation Service for Small Businesses
I mainly use Linux and am not very familiar with Windows shares so my apologies if this question sounds noobish.
Say I’m attacking a Windows machine and host an SMB share from my Linux machine with malware in that share. I want to run the … Continue reading How do AV interact with malicious executables in remote shares?
For security reasons, I want to block 445 in my AD (Active Directory) environment. One of them is to disable access to SMB shared folders.
But my problem is if I block all inbound TCP connections to a workstation from this port, then I can… Continue reading Port 445 blocks administrative functions (Active Directory) [migrated]
Say I’ve found a perfect SSRF vulnerability in a web application that lets me send web requests to any URL, any host, any port, any scheme. I can use the file:// scheme to get the contents of local files, such as file:///C:/Windows/win.ini… Continue reading Uploading/writing server files via SSRF?