Outer Web | Explore

Explore >> Select a destination

You are here		securityuncorked.com WiFi Security: The 3 Types of WiFi Networks - Security Uncorked
\|	\|	shenaniganslabs.io Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316) \| Shenanigans Labs	13.1 parsecs away Travel
\|	\|	By default, domain joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture a MSCHAPv2 challenge response hash for the domain computer account. This challenge response hash can then be submitted to crack.sh to recover the NTLM hash of the computer account in less than 24 hours. Once recovered, this NTLM hash combined with the domain SID can be used to forge Kerberos silver tickets to impersonate a privileged user and compromise the host. An example of this is to create a silver ticket for the CIFS service of the laptop in order to authenticate over SMB as the SYSTEM user and gain unrestricted access to the hard disk. As the attack can be performed from a locked device, it can be utilised to bypass BitLocker full disk encryption and gain access to the devices file system. In addition, as silver tickets can be forged for privileged users, this attack can also be leveraged to elevate privileges to that of local administrator on the device.	13.1 parsecs away Travel
\|	\|	thathelpfuldad.com How to Secure your Wi-Fi Network - 12 tips \| That Helpful Dad	9.1 parsecs away Travel
\|	\|	In today's interconnected world, securing your Wi-Fi network is crucial to protect your personal information, sensitive data, and connected devices fro ...	9.1 parsecs away Travel
\|	\|	www.bugcrowd.com WiFi hacking tools and how to use them \| @Bugcrowd	16.1 parsecs away Travel
\|	\|	We are living in the era of WiFi 6 and WiFi Protected Access version 3 (WPA3). Processing speeds and security technologies over the past decade have improved dramatically.	16.1 parsecs away Travel
\|	\|	blog.phylum.io The xz/liblzma Compromise and Software Supply Chain Security	212.3 parsecs away Travel
\|		At the end of March 2024, a major software supply chain attack was identified: some upstream forks of the popular xz/liblzma library that underpins the massively popular OpenSSH Server was compromised. A rogue contributor appears to have worked to influence the maintainers of the library, adding in seemingly innocuous	212.3 parsecs away Travel