Dailydave mailing list archives
Re: Cicadas
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Fri, 11 Sep 2015 08:27:09 +1000
Dave, Active Directory is the authentication standard with Microsoft Azure (of course) and can be federated with Amazon Web Services i.e. http://blogs.aws.amazon.com/security/post/Tx71TWXXJ3UI14/Enabling-Federation-to-AWS-using-Windows-Active-Directory-ADFS-and-SAML-2-0 After authentication, the SAML "binding" protocol does not enforce a secure communications channel and can therefore be transmitted over HTTP. On Fri, Sep 11, 2015 at 4:48 AM, <dmaynor () gmail com> wrote:
Dave,
Active Directory has long been my favorite target because of the power a
Domain Admin wields combined with the odds and ends that get integrated
means any bug can be devastating
The "cloud" has been making vast inroads in Enterprise customer bases. I
find companies that have started post 2010 that are large enough to require
pen tests favor the out sourced infrastructure.
Alas AD is becoming less important and Microsoft might come out ahead on the
technical debt because the pushed the can down the road far enough to where
they are no longer as important.
DaveM
On Sep 10, 2015, at 13:17, Dave Aitel <dave () immunityinc com> wrote:
Yagate shinu
Keshiki wa miezu
Semi no koe
- Basho
I updated my SILICA this morning while making pancakes for the kids, as you
do, and of course, all around me looked about with new eyes. I have a new
mesh network that a friend installed in my house and it's interesting to see
what it looks like to a wireless hacker. If you haven't seen the new SILICA
video it is here: https://vimeo.com/136964755
There's this sense that hackers get which is divorced from what is in Wired
or Business Insider or BlackHat which is "Works in the Wild". It's a
palpable thing, that sets priorities like a hot oil such that you can tell
who has "Gone Active", as they say, from their recoiling from various
technologies. One technology that is currently on the hot plate is Active
Directory. You can see from talks even at DefCon that people are looking at
WMI as a persistence mechanism in the wild. And the Microsoft talk from
INFILTRATE 2014 went over a whole methodology for attacking Active Directory
networks that dragged public discussion of the techniques into the modern
age. For decades AD has been a disaster from a security perspective - by
design - and now all that technical debt is coming due like a storm of
cicadas chirping their last song.
-dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave
-- Regards, Christian Heinrich http://cmlh.id.au/contact _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Cicadas Dave Aitel (Sep 10)
- Re: Cicadas dmaynor (Sep 10)
- Re: Cicadas Christian Heinrich (Sep 11)
- Re: Cicadas Thomas Quinlan (Sep 11)
- Re: Cicadas dmaynor (Sep 11)
- Message not available
- Re: Cicadas dmaynor (Sep 11)
- Re: Cicadas dmaynor (Sep 10)