Ramblings on IT and Security

Author: Michael Waterman (Page 3 of 4)

Upgrade MBR to GPT to enhance system security with UEFI

In the world of computing, the way we store and manage data is constantly evolving. One such significant change is the transition from the traditional Master Boot Record (MBR) system to the more modern GUID Partition Table (GPT) system. While both serve the critical function of telling our systems where data is stored and how to boot, GPT brings a host of advantages over its predecessor, from supporting larger disk sizes to improved data corruption handling.

The Clean Source Principle – Automate the generation of up-to-date Windows ISO files.

In today’s interconnected world, cybersecurity is not just a technical consideration but a vital component of any organization’s strategy. One essential principle to uphold in maintaining a secure environment is the ‘clean source’ principle. This principle dictates that we should trust only those software and systems that we can verify come from a trusted, clean source.

To support this idea, this blog post will demonstrate how to create a secure, predictable environment for the creation of up-to-date ISO files. We will be using the Microsoft Deployment Toolkit (MDT) and PowerShell, both widely trusted and accessible tools.

Security Descriptor Definition Language

During a recent 3-month security course, I was asked on my exam to construct a Security Descriptor Definition Language (SDDL) string for a Windows object. While I was able to come up with a valid string, the experience left me curious to explore the full extent of what SDDL could do. As I delved deeper into the topic, I discovered that SDDL is a powerful tool for managing permissions on Windows objects, allowing you to fine-tune access controls with precision. In this blog post, I’ll share my journey with SDDL, exploring its ins and outs, and demonstrating how you can use it to control access to various Windows objects, including services and folders.

Unquoted Service Path Privilege Escalation

Privilege escalation is a common attack vector used by attackers to gain higher levels of access to a computer system. One type of privilege escalation attack is the “Unquoted Service Path”, a vulnerability that exists in Windows operating systems. This type of attack can allow a threat actor to execute malicious code with elevated privileges, which can have serious consequences such as data theft or a complete system compromise. In this blog post, I’ll delve into the mechanics of Unquoted Service Path attacks and how they can be prevented. Understanding these types of attacks and how to defend against them is critical for protecting computer systems and sensitive data.

The basics on Diffie-Hellman key exchange.

Do you want to know a secret? You probably do. The question is, would you like it if anyone else knew your secret as well? I am guessing not. That is why, on the Internet, we use encryption for the data that we send and receive, just to make sure that someone else is not listening in on our conversation. Encryption is not only used when directly communicating with each other; it is also used for something we call “integrity”, a.k.a. “I want to make sure that I get what the other end is sending without anyone modifying it in transit”. So, use encryption anywhere! Read on while we explore the basics of how data is securely transferred from one place to another using Diffie-Hellman key exchange.

Booting Windows from USB

I sometimes get nostalgic about the technology that was hot and happening a few years ago. This is especially true for Windows To Go, a nice little piece of technology that allows Windows to boot from a specially crafted USB stick. When it was introduced, it required specific USB pen drives as, at the time, USB sticks equipped with internal fast storage were not really that common. Compared to what’s available now it was very expensive and limited to a few vendors. Although the UI for creating a WTG pen drive has been removed, it’s really not that hard to manually create one.

It’s an older code but it checks out

The Windows operating system, from its humble beginning up to the point where it is today, has gone through tremendous changes to battle all the emerging security threats. Among those are the most rudimentary forms of disruption up to the very sophisticated state-sponsored attacks which can lead to the destabilization of society. As the saying goes in the industry, it’s always a rat race.

The Microsoft Root Certificate Program

A couple of days ago I had to deal with a situation where our vulnerability tool was complaining that the root certificate store hadn’t been updated for a while. This process runs every 7 days, so it takes some time before you will notice any error messages, as was the case for me. After doing some research it turned out that the update service for the Microsoft Root Certificate Program was blocked. That in turn triggered me to dig into the more technical side of the Microsoft Root Certificate Program.

Managing SUDO from Active Directory

Welcome to the last of a three-part series about Ubuntu and Active Directory. In my previous posts I explained how you could, in just a few steps, join an Ubuntu machine to an Active Directory domain and manage it accordingly. This time I’m addressing centralized management of sudo users, meaning who can execute commands via sudo on managed Linux desktops (in my case Ubuntu).

© 2025 Michael Waterman