Author: 0hbrian

A Floridian (former New Yorker) who worked in cybersecurity, turns screws, cuts wood, and watches way too much NBA basketball.

“the courts often don’t take these offenses seriously”

~ 0hbrian

The title of this post is a quote from Mark Rasch, a former federal prosecutor with the U.S. Justice Department regarding sentencing guidelines that saw an admitted criminal receive a sentence of time served.. Brian Krebs published an article today concerning the sentencing of admitted criminal Peter “Severa” Levashov. In short, Levashov was sentenced to … Continue reading “the courts often don’t take these offenses seriously”

What is Golden SAML?

~ 0hbrian

The Golden SAML threat vector enables an attacker to create a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism. In a golden SAML attack, the attacker can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they … Continue reading What is Golden SAML?

Secure Networks Vidcast with Mike Morris from Endace

~ 0hbrian

I had the fantastic opportunity to have a recorded video chat (a vidcast) with Mike Morris the Global Director of Business Development at Endace recently. Endace is in my mind the market leader when it comes to network packet capture solutions. They have really evolved network packet technology from its roots in open source TCPdump … Continue reading Secure Networks Vidcast with Mike Morris from Endace

Inference, Aggregation, and Safe Cracking

~ 0hbrian

I'm studying for the CISSP exam. Inference and aggregation are means used to take low level or partial information and use that to derive higher level information. Inference requires deduction. The lower level information provides clues. Aggregation is a mathematical or mechanical process. Apply inference and aggregation to safe cracking (or lock picking). Using inference … Continue reading Inference, Aggregation, and Safe Cracking