Blog
Search all our posts or browse some of our most recent entries below:
7MS #499: Desperately Seeking a Super SIEM for SMBs – Part 6
Today we have some cool updates on this SIEM-focused series we've been doing for a while. Specifically, I want to share that one of these solutions can now detect three early (and important!) warning signs that bad things are happening in your environment:
- ASREPRoasting
- WDigest flag getting flipped (reg add HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest /v UseLogonCredential /t REG_DWORD /d 1)
- Restricted admin mode getting enabled (reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v [...]
7MS #498: Securing Your Mental Health – Part 2
Hi everybody, today we're continuing a series we started way back in June called Securing Your Mental Health. Today I talk about some easy and relatively cheap things I'm doing to try and shut down negative thoughts, punch imposter syndrome in the face, and be an overall happier and more positive person.
7MS #497: The Stress and Satisfaction of Offering Live Security Training
Hey friends, today I'm giving you a peek behind the curtain of our Light Pentest LITE training to talk about the software/hardware we use to make it sing, the growing pains - and OMG(!) moments - that forced us to build in more infrastructure redundancy, and the cool (and expensive!) cloud options we're considering to offer a self-paced version of the course.
7MS #496: Tales of Pentest Pwnage – Part 30
Today's episode is brought to us by Manscaped. Get 20% off your order + free shipping with the code 7MS at Manscaped.com
Today's tale of pentesting has a bunch of tips to help you maximize your pwnage, including:
- The new Responder DHCP poisoning module
- All the cool bells and whistles from CrackMapExec which now include new lsass-dumping modules!
- Speaking of lsass dumping, here's a new trick that works if [...]
7MS #495: Desperately Seeking a Super SIEM for SMBs – Part 5
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
Today we continue our SIEM/SOC evaluation series with a closer look at one particular managed solution and how it fared (very well) against a very hostile environment: the Light Pentest LITE [...]
7MS #494: Interview with Josh Burnham of Liquid Web
Today we chat with Josh Burnham, Security Operations Manager at Liquid Web. As someone who helps support and secure a hosted environment, Josh sleeps with one eye open :-). We talked about:
- How security in a hosting environment has changed from "back in the day" to today
- Tips for running a successful bug bounty program
- Why your organization might want to utilize a security.txt file
- Tips on dealing with [...]
7MS #493: 7MOIST – Part 2
Hey, remember back in episode #357 where we introduced 7MOIST (7 Minutes of IT and Security Tips)? Yeah, me neither :-). Anyway, we're back with the second edition of 7MOIST and have some cool pentesting and general IT tips that will hopefully make your life a little awesome-r:
- Stuck on a pentest because EDR keeps gobbling your payloads? SharpCradle might just save the day!
- CrackMapExec continues to [...]
7MS #492: Tales of Pentest Pwnage – Part 29
Hello friends! We're long overdue for a tale of pentest pwnage, and this one is a humdinger! It's actually kind of three tales in one, focusing on pentesting wins using:
- Manual "open heart surgery" on the root of the Active Directory domain
- The new totally rad DHCP poisoning module of Responder
- An opportunity to abuse GPOs with SharpGPOAbuse (P.S. we talked about this tool about a year ago [...]
7MS #491: Interview with Louis Evans of Arctic Wolf
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
Today we're joined by Louis Evans of Arctic Wolf to talk about all things cyber insurance, including:
- History on cyber insurance - who's buying it, what it does and doesn't cover, and [...]
7MS #490: Desperately Seeking a Super SIEM for SMBs – Part 4
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Hey friends! Today we're going to recap the SIEM/SOC players we've evaluated so far (Arctic Wolf, Elastic, Sumo Logic, Milton Security) and then talk about a new contender that was brought to [...]
7MS #489: Ping Castle
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
Today we're talking about Ping Castle (not a sponsor), an awesome tool for enumerating tons of info out of your Active Directory environment and identifying weaknesses, misconfigurations and paths to escalation! [...]