Cached Credentials: Important Facts That You Cannot Miss
Why changing your cached credentials to 0 or 1 is… pointless? I will show you how cached logon data works, what is inside, how we're able to overwrite it, and what kind of threat it exposes.
Read moreUser Secrets: How to Get Them Back Using Password Recovery Tools
Cybersecurity professionals know that they could be called on at any time to recover a user secret. For example, if an employee's profile is corrupted or user secrets have to be decrypted offline (e.g. during analysis of the forensic image of the operating system). Find out about some tools capable of decrypting secrets protected using DPAPI and get an outline of how to use them.
Read more
Hacks Weekly #49 Introduction to Boot Monitoring
Capturing and analyzing system boot and resuming performance data are very useful while troubleshooting slow boot times. In general, changes in the booting process may indicate that system has been compromised. It can detect or support our deduction of the presence of malware, as we can review suspicious activities. Boot monitoring may also help with the performance of the system by identifying bottlenecks in the process. Let’s start with our Introduction to Boot Monitoring.
Read more
Hacks Weekly #48 Introduction to Stackwalking
Welcome to another episode of CQURE Hacks Weekly. This time we will take you through the Stackwalking process. Stackwalking is the process of accessing, traversal and filtering of a stack trace. A stack trace also called stack backtrace or stack traceback is a report of the active stack frames at a certain point in time during the execution of a program. - the process of accessing, traversal and filtering of a stack trace.
Read more