My Distractions This Week


A few things that distracted me this week:

The degree of cooperation between the Conti ransomware group and Russian government entities is becoming clearer:

Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine
Chat logs reveal that members of the Conti ransomware gang repeated Putin’s lies about Ukraine — and bemoaned their inability to buy Apple products.

The DFIR Report released their 2021 year in review. Those pesky Active Directory abuses continue to be a major attack vector for ransomware groups. It is all about the path of least resistance...

2021 Year In Review
As we come to the end of the first quarter of 2022, we want to take some time to look back over our cases from 2021, in aggregate, and look at some of the top tactics, techniques and procedures (TTP’s) we observed.

The Talon tool allows password spraying across LDAP and Kerberos and across multiple domain controllers to reduce chances of lockout. This will integrate perfectly into my assessment workflow.

GitHub - optiv/Talon: A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

Jack Rhysider from Darknet Diaries released an awesome episode about the current state of the online criminal underworld. SPOILER ALERT: Maybe consider a multifactor authentication method other than SMS-based authentication ;)

Dirty Coms – Darknet Diaries
This episode we talk with a guy named Drew who gives us a rare peek into what some of the young hackers are up to today. From listening to Drew, we can see that times are changing for the motive behind hacking. In the ’90s and ‘00s it was done for fun and curiosity. In the ’10s Anonymous showed us w…

Who needs SANS training when you can just listen to scam rap for all your hacking tutorial needs? Check out the HBO Max show Generation Hustle for more on the "artist" mentioned in the article.