Today I am proud to announce that another paper of my former colleagues from Heilbronn University and me was published in one of the journals with the highest impact factor for Medical Informatics research called JMIR mHealth and uHealth. There is a reason why we published in this journal besides its informatics focus. The journal is an open access journal. That means that readers are not charged on a pay-per-view basis or other business models to access the full text of the paper. In return, the authors need to pay publication fees. In my opinion restricting access to academic research is not a way to go. I think this isn’t a thing we see in the security community often anyway. But this is and was the standard in academia for years.
ERNW Whitepaper 67: Active Directory Trust Considerations
Last week Will “harmj0y” Schroeder published an excellent technical article titled “Not A Security Boundary: Breaking Forest Trusts” in which he lays out how a highly critical security compromise can be achieved across a forest boundary, resulting from a combination of default AD (security) settings and a novel attack method. His post is a follow-up to the DerbyCon talk “The Unintended Risks of Trusting Active Directory” which he had given together with Lee Christensen and Matt Nelson at DerbyCon (video here). They will also discuss this at the upcoming Troopers Active Directory Security Track (details on some more talks, including Sean Metcalf’s one, can be found in this post or this one).
And Five Talks More Were Accepted at TROOPERS19!
And five talks more were chosen for TROOPERS19! It sounds like it is going to be the best year ever again…
Follow us on Twitter (@WEareTROOPERS) for more information and do not hesitate to use our hashtag #TR19 when you have questions or remarks about TROOPERS19!
Your TROOPERS Team
DirectoryRanger 1.1.0 Introduces Informational Audit Checks
With version 1.1.0 our tool DirectoryRanger introduces a new feature: informational audit checks. These checks do not have a severity rating because they are just “for your information” and the included information might or might not contain security issues, depending on other facts. But these checks can help to reduce your Active Directory attack surface by pointing you to some aspects which need your attention and at least require to be discussed and documented (and they might also imply governance measures like a risk acceptance).
First Talks of TROOPERS19 Accepted!
TROOPERS18 was the best year ever (did you check our archives?) and it will be challenging to do better… However, we accept the challenge!
The trainings and talks were of high quality and choices were difficult to make… We hope you will enjoy reading these little teasers!
Follow us on Twitter (@WEareTROOPERS) for more information and do not hesitate to use our hashtag #TR19 when you have questions or remarks about TROOPERS19!
With that being said, we are excited to introduce the first official five talks of TROOPERS19!
On the insecurity of math.random and its siblings
During code reviews we often see developers using weak RNGs like math.random() to generate cryptographic secrets. We think it is commonly known that weak random number generators (RNG) must not be used for any kind of secret and recommend using secure alternatives. I explicitly did not state a specific language yet, because basically every language offers both weak and strong RNGs.
So I asked myself: What if I use a weak RNG to generate a secret? Is it possible to recover the secret from some derived value, like a hash?
Plume Twitter Client URL Spoofing
It is possible to spoof the URLs that Plume will open to arbitrary locations because of how Plume parses URLs. The preview of a URL in a tweet will show the complete (at least the host name and the first few chars of the URL) but shortened URL. However, if the URL contains a semicolon (;), the URL that will be opened is the part after the semicolon.
The Dog Whisperer’s Handbook
Generally speaking, I’m more of a Cat type of guy, but I have to say I really love BloodHound. And if you do too, you are in for a treat…
Last week, the ERNW Insight Active Directory Security Summit took place in Heidelberg. (More Info)
For this occasion, @Enno_Insinuator asked me if I would like to deliver a BloodHound Workshop, and of course I accepted the challenge…
Pidgin, Word Documents, my Clipboard and I
Lately, I’ve experienced some weird Pidgin crashes when I was copy&pasting into chat windows. The strange part was: I didn’t even know what triggered the crash because I actually didn’t know what was in my clipboard at this exact point. This is a quick write-up of how I investigated the issue and some interesting properties I found out about clipboards.
Active Directory Security Summit 2018 – Slides Online
On Tuesday, 13th of November, we realized our second AD security summit with the title: “Active Directory Security: On-Prem-Security, Secure Extension into the Cloud & Secure Operations” in Heidelberg. First, we had three talks: the first one about “Active Directory Core Security Principles & Best Practices” covering hybrid AD and AD Trusts as well (by Friedwart Kuhn & Heinrich Wiederkehr from ERNW), the second one a case study about the implementation of an ESAE Forest in a big insurance company (by Fabian Böhm from Teal Technology Consulting) and the third one about a case study with respect to the (security) challenges of a hybrid AD (by Raphael Rojas from STIHL).