#hivenightmare / #lolwut Jeff McJunkin* // What is it? tl;dr — Unpatched privilege escalation in Windows 10 in nearly all supported builds. The vulnerability (CVE-2021–36934) allows an attacker with limited user code execution on Windows 10 (or 11) to gain administrative privileges locally, allowing any of the following follow-on attacks: Stealing credential material for any […]
Originally Aired on July 26, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-26 03:54 – Story # 1: https://cyberworkx.in/2021/07/24/new-windows-attack-petitpotam-forces-windows-hosts-to-share-ntlm-hashes/ 18:53 – Story # 2: https://thehackernews.com/2021/07/how-to-mitigate-microsoft-windows-10-11.html 30:26 – Story # 3: https://cyberworkx.in/2021/07/23/kaseya-received-the-universal-decryptor-for-revil-ransomware-attack/ 51:48 – Random Crap
Podcast: Play in new window | Download
Subscribe: RSS
tokyoneon // Spoofing credential prompts is an effective privilege escalation and lateral movement technique. It’s not uncommon to experience seemingly random password prompts for Outlook, VPNs, and various other authentication protocols in Windows environments. Adversaries will abuse functionalities built into Windows and PowerShell to invoke credential popups to acquire user passwords. As defined by the MITRE […]
Originally Aired on July 19, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-19 02:18 – Story # 1: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm 13:15 – Story # 2: https://threatpost.com/attackers-target-florida-condo-collapse-victims/167917/ 16:00 – Story # 3: https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ 34:41 – Story # 4: https://thehackernews.com/2021/07/turns-out-that-low-risk-ios-wi-fi.html 42:36 – Story # 5: https://thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html 53:13 – [Post]Show Banter™ — Can’t […]
Podcast: Play in new window | Download
Subscribe: RSS
Originally Aired on July 12, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-12 01:56 – Story # 1: https://www.bleepingcomputer.com/news/security/biden-asks-putin-to-crack-down-on-russian-based-ransomware-gangs/ 03:09 – Russia’s R.A.R.E. Program 03:54 – Story # 2: https://www.securityweek.com/solarwinds-confirms-new-zero-day-flaw-under-attack 05:33 – Story # 3: https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html 08:44 – Story # 4: https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html 11:53 – Story # 5: https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/ 15:31 […]
Podcast: Play in new window | Download
Subscribe: RSS
Building a phishing engagement is hard. While the concept is straightforward, real-world execution is tricky. Being successful takes enormous amounts of up-front setup and knowledge in quickly evolving phishing tactics. While there is always a need to craft a custom email, the most considerable amount of work is setting up an infrastructure to make it […]
Podcast: Play in new window | Download
Subscribe: RSS
Join the BHIS Community Discord: https://discord.gg/bhis Music By Beau: https://www.nobandwidth.io 00:00 – 2021-04-01 – PreShow Banter™ — Intro Sec Con & The Birth of PreShowBanterCon-A-Thon 2021!™ 05:29 – You’re So Vanity 08:39 – Let’s Talk About Florida Man 11:27 – Kellon is here – Intro Sec Con
Podcast: Play in new window | Download
Subscribe: RSS
Originally Aired on July 6, 2021 Articles discussed in this episode: 00:00 – BHIS | Talkin’ Bout News 2021-07-06 02:32 – Story # 1 – CISA self-assessment audit tool – https://www.bleepingcomputer.com/news/security/cisa-releases-new-ransomware-self-assessment-security-audit-tool/amp/ 08:24 – Story # 2 – Insurance rates up 32% – https://www.theregister.com/2021/07/05/cyber_insurance_report/ 20:48 – Story # 3 – 0 Day for Windows OS PrintNightmare […]
Podcast: Play in new window | Download
Subscribe: RSS
David Fletcher // Over the past several years, attackers have gained significant traction in targeted environments by using various forms of password guessing. This situation was reflected in the 2020 Verizon DBIR under top threat action varieties. Use of stolen credentials sits right behind phishing as the second most utilized threat action in disclosed breaches. Malware variants […]
