I’ve enjoyed a fascinating and deeply fulfilling career in cybersecurity that has taken me all over the world, and now I want to share my experience of working in what I consider to be the most fun and exciting industry out there. That’s why I held a live event to answer questions on what it’s really like to work on digital defense’s frontline. If you’re curious about how to advance in the industry or have a friend or relative who wants to work in cybersecurity, these insights from me and from the CQURE team are for you.
Why changing your cached credentials to 0 or 1 is… pointless? I will show you how cached logon data works, what is inside, how we're able to overwrite it, and what kind of threat it exposes.
Cybersecurity professionals know that they could be called on at any time to recover a user secret. For example, if an employee's profile is corrupted or user secrets have to be decrypted offline (e.g. during analysis of the forensic image of the operating system).
Find out about some tools capable of decrypting secrets protected using DPAPI and get an outline of how to use them.
When contemplating cybersecurity, companies often overlook the risks posed by social engineering and focus only on infrastructure and technology. But with humans still forming the weakest part of the security chain, the very real threat of social engineering should definitely not be ignored.
The new year has arrived! As we prepare to step into a metaphorical clean slate, many people are reignited by the idea of pursuing a new direction with greater goals, hopes, and dreams.
USB attacks cannot take place without human involvement because they rely on an individual (either knowingly or unknowingly) inserting a flash drive laced with malware into an unprotected device, typically located in a public place such as an office. Sometimes the drives are inserted out of curiosity, but they can also be plugged into a computer located nearby in a misguided act of helpfulness.