RDP, cmdkey, Canary (and thee)

Last month Florian Roth (cyb3rops) reacted to the news of Mimikatz dumping RDP credentials by asking how we could easily inject fake credentials into machines. https://twitter.com/cyb3rops/status/1397440903476883458 Markus Neis pointed out that on Windows, cmdkey allows you to do this:  https://twitter.com/markus_neis/status/1397472760859856897 This is pretty awesome. Mimikatz is used by attackers the world over and having control of the data a Mimikatzer will see is a powerful tool to have. One route to looking for Mimikatz usage is injecting false credentials into

Continue Reading

Would you know if your phone was hacked?

Would you know if your phone was hacked? Even the most powerful people in the world (if you use wealth as a proxy for power) don’t. The problem is that much like your networks there are an almost unlimited number of ways for attackers to break into them, so this problem seems intractable at first blush. But (just like when they break into your networks) attackers who break into your phones are looking to achieve certain objectives, and you can use

Continue Reading

Site Footer

Authored with 💚 by Thinkst