Bye Bye 2015

In 2015, we drank a lot of Stumptown Coffee – roughly 900 homebrewed or take away cups and thirty 12oz whole bean bags bought. It fueled a busy year as we worked around the world clock. We reminisced about the 2000s – everything from our involvement in Y2K radio reprogramming, The Great Translator Invasion, and the time the office got burglarized and the thieves took all the junk computers saved for an e-recycle drop off (yes!) and stole all the bottled water (shortage / drought in California?!). Needless to say, we have accumulated a lot of stories over the years.

In the cliché of looking back, I realize that there are a lot of unfinished projects and lists to complete in 2015 – two days left! Prioritizing critical events and client visits comes first over completing tasks like “You know < pause > I really need to update a wiki page!” or “Can we set up our twitter to amazon.com order?” And at the same time, those seem faster and easier to do in 10 minutes than what has been on our bucket lists. Anyone want to be an intern? Hah. I guess sipping coffee in 10 minutes became a priority and we had to put down the keyboard while drinking (fear of spillage). All jokes aside, we look forward to 2016. Happy New Year.

+ | shew |

+ I’ve been focused in 2015 on crafting malicious documents and VM forking.

It’s now been 10 years teaching at SANS. Check out the SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking course and lead author Stephen Sims.

+ | jim.shew |

Cybersecurity thoughts on Presidents’ Day

In January 2008, the Bush Administration established the Comprehensive National Cybersecurity Initiative (CNCI). Recently, the Obama Administration released several notices on cybersecurity; below is an Executive Order.

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows: 

Section 1. Policy. In order to address cyber threats to public health and safety, national security, and economic security of the United States, private companies, nonprofit organizations, executive departments and agencies (agencies), and other entities must be able to share information related to cybersecurity risks and incidents and collaborate to respond in as close to real time as possible.

Continue reading here http://www.whitehouse.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari

It is of note that, during this White House Summit held at Stanford University, the CEOs of Google, Yahoo, and Facebook were absent. Tim Cook, Apple CEO, attended.

SMALL TALK  On a coffee + laptop observational side note: I was at a coffeebar on Saturday and there were only Macs everywhere. Yes, I did the 360 check while waiting for my Americano-latte. It’s like you could only stay and drink coffee if you owned an Apple product … and sign on the Square POS iPad (which can we agree we love / hate the emailed receipt?!). So apparently, if I bring my ThinkPad, I might need to trek down to the other coffeeshop down the street – they use an older school Point of Sale system and have the most amazing hazelnut gelato.

+ | shew |

Welcome

NERD TALK  requires more espresso. And since it’s late, ahem early am and we are up wrestling technical fun time warps, I’ll save my eloquent thoughts for the mid morning first jumpstart shot of caffeine. Thank you Sidecar, Stumptown, Rose Park, and even in the pinch, Starbucks for the assists.

+  | shew |

UPDATE 15.48 | A Nice SRP Circumventing Trick | During a recent penetration test, my goal was to smuggle data out of a hardened virtual application. This particular test included a vApp designed to restrict everything not needed to display and edit a Word document. Between Group Policy Objects and Software Restriction Policies, there were practically no third-party applications available to manipulate, and most Windows internal programs were either removed or hijacked by a Digital Rights Management DLL.
