A collection of (mostly) InfoSec-related stories that I encountered either privately or professionally.
These stories might not always contain cutting-edge knowledge. They might not always be super long. But all of them I deemed worth telling.
During a recent engagement, I found myself in quite a difficult situation.
I was in the client's offices and got my hands on one of their Windows laptops including a set of valid domain credentials.
So, using an Ethernet cable, I was able to get the laptop into the client's network.
But, thanks to a great Endpoint Detection and Response (EDR) solution, solid privilege management and 802.1X-2010
NAC, that was about as far as I could get. Or was it...?
Read more
A short story about how NOT to handle security alerts as a SOC. And some brief tips on how to improve security monitoring.
Read more
Recently I was doing Incident Response for a company that had been thoroughly compromised:
the attackers had acquired domain administration privileges within the Active Directory domain
and even gained access to the backups. This was a company, however, that had spent
the equivalent of $100,000 on pentests annually in recent years, and the most recent
pentests found close to no vulnerabilities. So what went wrong?
Read more
Given that the concept - and the field - of "cybersecurity" has been around for decades,
it would be easy to think that we have made major strides in that field since
the first person had the idea that digital systems should maybe be protected.
And while that may be true for some organizations, sometimes today's cybersecurity
looks no different than it did in the '90s. This is just one
of many examples...
Read more