Blogs

The Psychology behind Cyber Security (1 of 2)

In today’s world, technology is everywhere. In fact, it’s hard to go anywhere or do anything without using technology. As technology brings the world closer, it also puts those who use technology at risk…risk of stolen data, identity theft, the list goes on. Without cyber security, technology would not be where it is. Technology will inherently have flaws, which will in turn be exploited for fun, fame, or fortune. By helping secure technology, individuals, government, and corporations, cyber security provides “peace of mind” when surfing the web, sending an email, downloading a file, or countless other activities powered by technology.

Cached Credentials under Windows

Based on "Auditing Cached credentials with cachedump" from Eoin Miller and Adair Collins at Shmoocon, 2007.

Under certain conditions, Windows domain credentials (usernames and passwords) are cached (stored) in a local machine's registry. Windows consults these credentials when a user logs into a network-disconnected domain member machine. If an attacker grabs and cracks a domain admin password from a workstation, he owns the entire domain!

Domain admin credentials are cached on a machine if an admin logs into it, uses "Run As" from it or accesses it with Remote Desktop. Caching also occurs when admins share laptops.

You can use tools like fgdump (http://swamp.foofus.net/fizzgig/fgdump) or Cain and Abel (http://www.oxid.it) to dump the credentials from a local or remote machine (stored in HKLM\SECURITY\Cache\NL[1-10]), assuming you have local admin privileges. Use John the Ripper (http://www.openwall.com/john) or Cain to crack the passwords.

Adam Laurie at Blackhat USA 2009

Adam Laurie floored me with his “Satellite Hacking” talk at Blackhat USA 2009. I respect Adam’s work, humor and presentation skills. His approach thrilled me and reminded me of what hacking is all about: creativity and curiosity culminating in technologically cool stuff. Using $900 worth of gear, Adam hacked together a system that graphed (in 3D) feed signals found in a frequency range and horizon position. Instead of scanning through text data, he simply picked out the small (interesting) blips amongst the broad (commercial) smears. In his LIVE demo, he grabbed a UDP stream from a mysterious satellite over Africa with his UK-based dish and routed it to his machine in DC. Also, in an unrelated ($50) demo, he injected data into a US RFID-chipped passport’s signal stream, making the bearer none other than Osama bin Laden. Wicked, Adam!

Few Words

I’m so greedy with my time. If I take time to read a paper or watch a talk only to find out it's regurgitated content, I get irritated. When a new technology comes along, I skim the details searching for the point. I want the essence--to know if and how it applies to me.

Twitter fans get this. You get 140 characters, which is a lot if you’re careful.

So I’m trying "blink" posts of 140 words or less. If I can’t make the point in that space then I don't get it, and if I don't get it, how can I help you get it?

Welcome to my blog space at Ciphent. It’s good to have you here.

And see? It is possible. This post is 133 words long.

-Johnny

Preventing Roadrunner Intrusions with Coyote-grade IPS Appliances.... beep beep - (Part 1 of 3)

I read an article recently (http://news.zdnet.com/2424-9595_22-254433.html) that, believe it or not, flashed by my screen as an ad, and yes, I clicked it.

Free MSFT Anti-virus: Say goodbye to malware R&D…

Microsoft has announced an initiative to offer free malware protection and anti-virus software to all consumers by the second half of 2009. Several inferences can be made from the recent news.

The thin line between system security and usability.

I recently implemented a product for a company that prided itself on having very strict security policies on its servers and workstations.

Facebook Malware Blocking

The "social graph" that Facebook provides is its main source of power and value to its users. However, from a security standpoint, this is also Facebook's Achilles Heel.

C# 2.0 - the Using Construct

An often overlooked aspect of software security is the proper allocation and release of resources. Scarce resources like database connections and file handles, if not properly disposed of after use, can result in memory leaks, resource pool consumption and other conditions that may lead to denial of service vulnerabilities. The C# 2.0 using construct can help to eliminate these conditions.

Obama Malware is 60% of Spam TODAY

There is a new alert circulating the security industry; a new wave of malware may hit an all-time one-day high. Obama malware.