Jordan Drysdale

00409_10072019_WEBCAST_CloudTradeCraft

, , , , , , , , ,

Webcast: Open Source Exploits in the Cloud’s Big Data Services – Cloud TradeCraft

Click on the timecodes to jump to that part of the video (on YouTube) Download slides: https://www.activecountermeasures.com/presentations 4:18 Problem statement and exploitation timeline8:28 MapReduce and Hadoop overview, overview of open-source software based on Hadoop architecture and their vulnerabilities14:15 Live demonstration of standing up a stack in EMR, terminology, auto-scaling risks, proper security postures for any new […]

Read the entire post here

00400_08212019_SecuringTheCloud-1

, , , , , , , ,

Securing the Cloud: A Story of Research, Discovery, and Disclosure

Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found two paths to ingress the customer’s virtual private cloud (VPC) through the elastic map reduce (EMR) application stacks. One of the vulns that gained us […]

Read the entire post here

00389_05302019_AttackTacts6

, , , , , , , , , , ,

Podcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded as a live webcast on May 16th, 2019Presented by: John Strand, Jordan Drysdale, Kent Ickler Join the BHIS Blog Mailing List – get notified when […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

WEBCAST_attacktactics-part6

, , , , , , , , , , , , , , , , ,

Webcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Timecode links take you to YouTube: 2:53 Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization 12:00 PCI #fixthefuture , two […]

Read the entire post here

BHIS_YT_WEBCAST3

, , , , , , , , , , , , , , , , , , , , , , ,

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – Mailsniper, Retrieve Global Access List21:58 – Lateral Movement, OWA, VPN, SSH27:05 – Scanning/Enumeration, Nmap SSH Brute Force, “Find Open”, Movement, Gaining Access34:07 – Gaining Access, […]

Read the entire post here

00382_04072019_SMB_Relay_Race

, , , , , , , , ,

An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit

Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed OWA and a single factor VPN. An overview of the techniques is chopped from further down, and the attack summary, exists twice in this document: Identify network […]

Read the entire post here