Do you know what really ticks me off? Stuff that doesn’t work as expected. Exactly that happened to me today while I revisited configuring a “Privileged Access Workstation” (PAW). Now a PAW is used to safeguard highly privileged credentials in a domain or cloud environment. In essence it’s a workstation used solely for admin work; all infrastructure management is done from this machine. While talking about configuring a PAW is beyond the scope of this blog post, I do need to point out that “Domain Admins” and equivalent groups should never ever have local admin rights on a PAW; they should be regular users, reducing the risk of credential theft and the obvious malware infection that usually follows.
Category: Cybersecurity (Page 2 of 3)
Introduction
In the realm of Public Key Infrastructure (PKI), where the keys to digital security are exchanged, stored, and safeguarded, cryptographic providers play a pivotal role. These providers are the guardians of cryptographic keys, ensuring the integrity, confidentiality, and authenticity of digital communications. They are the invisible sentinels that underpin the very foundation of trust in the digital world.
With Public Key Infrastructure (PKI), cryptographic hash functions play a pivotal, yet often understated role, operating ceaselessly to secure the integrity and authenticity of digital data as it navigates through contemporary communication networks. To appreciate fully the indispensable role they occupy in PKI, it is essential first to delineate the fundamental principles of hash functions and to understand why they are frequently analogized as the digital fingerprints within the cybersphere.
As I advance into the heart of PKI in this second installment, the focal point shifts towards two important decisions that anyone involved in setting up a PKI must deal with: choosing the appropriate key length and the cryptographic algorithm. These choices are far from arbitrary, for they are the foundation of a secure and efficient PKI. The selection at this stage will determine the resilience against cyber threats for the foreseeable future.
(updated on 05-05-2025)
In the intricate realm of modern digital communication, trust and security form the bedrock upon which data integrity, confidentiality, and authentication rest. Public Key Infrastructure, commonly referred to as PKI, stands as an elegant solution to the complex challenge of establishing and maintaining this foundation of trust in a digital age.
In the world of computing, the way we store and manage data is constantly evolving. One such significant change is the transition from the traditional Master Boot Record (MBR) system to the more modern GUID Partition Table (GPT) system. While both serve the critical function of telling our systems where data is stored and how to boot, GPT brings a host of advantages over its predecessor, from supporting larger disk sizes to improved data corruption handling.
In today’s interconnected world, cybersecurity is not just a technical consideration but a vital component of any organization’s strategy. One essential principle to uphold in maintaining a secure environment is the ‘clean source’ principle. This principle dictates that we should trust only those software and systems that we can verify come from a trusted, clean source.
To support this idea, this blog post will demonstrate how to create a secure, predictable environment for the creation of up-to-date ISO files. We will be using Microsoft Deployment Toolkit (MDT) and PowerShell, both widely trusted and accessible tools.
During a recent 3-month security course, I was asked on my exam to construct a Security Descriptor Definition Language (SDDL) string for a Windows object. While I was able to come up with a valid string, the experience left me curious to explore the full extent of what SDDL could do. As I delved deeper into the topic, I discovered that SDDL is a powerful tool for managing permissions on Windows objects, allowing you to fine-tune access controls with precision. In this blog post, I’ll share my journey with SDDL, exploring its ins and outs, and demonstrating how you can use it to control access to various Windows objects, including services and folders.
Privilege escalation is a common attack vector used by attackers to gain higher levels of access to a computer system. One type of privilege escalation attack is the “Unquoted Service Path”, which is a vulnerability that exists in Windows operating systems. This type of attack can allow a threat actor to execute malicious code with elevated privileges, which can have serious consequences such as data theft or a complete system compromise. In this blog post, I’ll delve into the mechanics of Unquoted Service Path attacks and how they can be prevented. Understanding these types of attacks and how to defend against them is critical for protecting computer systems and sensitive data.
Do you want to know a secret? You probably do; the question is, would you like it if anyone else knew your secret as well? I am guessing not. That is why, on the Internet, we use encryption for the data that we send and receive, just to make sure that someone else is not listening in on our conversation. Encryption is not only used when directly communicating with each other, it is also used for something we call “integrity”, a.k.a. “I want to make sure that I get what the other end is sending without anyone modifying it in transit”. So, use encryption anywhere! Read on while we explore the basics of how data is securely transferred from one place to another using Diffie-Hellman key exchange.