CQURE’s Top 3 Cyber Security Tutorials

In this CQURE HacksWeekly we’re re-sharing our TOP3 tutorials. They come from 3 different categories — penetration testing, forensics and secure server.

Server Message Block: SMB Relay Attack

In this blog post we are going to discuss SMB Relay Attack. SMB Relay Attack is a type of attack which relies on NTLM Version 2 authentication that is normally used in the most of the companies. Unfortunately, when we are listening to what is going on in the network, we’re able to capture a certain part of the traffic related with the authentication and also relay it to the other servers.

Learn more about this topic

Memory Dump Analysis – extracting juicy data

In this post I will show you how to perform memory dump and how to, by using different types of tools, extract information from the memory dump. It is fantastic to learn it in order to follow the incident response activities and also how to extract the information from the memory, so that we are able to get a little bit more insight about what was, or is, working in the operating system at that moment.

Learn more about this topic

Microsoft Local Admin Password Solution (LAPS) – Deployment Steps

Local administrator’s passwords on servers and workstations are usually unmanaged or set up to be the same. In both cases, this is a mistake. In this tutorial you will learn how to manage centrally passwords and make sure that they are different on every computer in the enterprise. All for that if someone gets into one of the computers and steals local hashes, one is not capable to single-sign-on amongst other computers.

Learn more about this topic