The purpose of this blog post is to explain how Secure Boot works. In particular, we will explain where current implementations of Secure Boot by Linux distributors fall short compared to Microsoft Windows and Apple macOS. Major distributors like Canonical, Debian, openSUSE, and Red Hat place a high priority on making their operating systems work out of the box. Given the current Linux land ...| Insinuator.net
Many Linux hardening guides focus on well-known protections: full-disk encryption, Secure Boot, and password-protected bootloaders. While these measures are critical, they often overlook a subtle but serious attack vector: the ability to drop into a debug shell via the Initial RAM Filesystem (initramfs). This oversight can enable an attacker with brief physical access to bypass conventional bo ...| Insinuator.net
In Firefox 95, we’re shipping a novel sandboxing technology called RLBox — developed in collaboration with researchers at the University of California San Diego and the University of Texas — that makes it easy and efficient to isolate subcomponents to make the browser more secure. This technology opens up new opportunities beyond what’s been possible with traditional process-based sandboxing, and we look forward to expanding its usage and (hopefully) seeing it adopted in other browser...| Attack & Defense
Despite all the efforts of fixing Cross-Site Scripting (XSS) on the web, it continuously ranks as one of the most dangerous security issues in software.| Attack & Defense
Apply the principle of least privilege (PoLP) to VirtualMachineInstanceMigrations| KubeVirt.io
Achieving isolation can be a complicated issue. Learn about how you can improve your environment security with this post.| The Red Guild
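Hi, this is 野溝のみぞう. Following the very well-received first session of ひよこまめ教習所, we have now held the second session. Record of the previous session| やわらかセキュリティ
Hi, this is 野溝のみぞう. I recently published a book and have been leading a very fulfilling life, and even while busy I managed to make happen an initiative I really wanted to do, so I am writing it down here. If anyone reading this took part in the 教習所| やわらかセキュリティ
Hi, this is 野溝のみぞう. Thanks to everyone, I have been spending extremely busy, deadline-driven days, and honestly, this being a time to be writing blog posts| やわらかセキュリティ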
Presentation on the need to re-examine how we engineer systems (taking service providers as an example) and the implications on how we quantify cyber risk if we want to take this message into the board room (as given at BT’s SnoopCon 2019 and Cisco’s June 2019 Knowledge Network webinar for service providers). Having delivered security […] The post Security Engineering – A manifesto for defensive security appeared first on Portcullis Labs.| Portcullis Labs
By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Background to Active Directory integration […] The post An offensive introduction to Active Directory on UNIX appeared first on Portcullis Labs.| Portcullis Labs
Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heterogeneous Windows network, they may […] The post Where 2 worlds collide: Bringing Mimikatz et al to UNIX appeared first on Portcullis Labs.| Portcullis Labs
Presentation on logging and auditing strategies (as given at Secure South West 11). Building on my blog post on Cisco’s security blog entitled The Importance of Logs, I put together a presentation that picks apart some of the practical aspects of building a successful logging capability focusing on the need to document “good” and curate […] The post The importance of logs: You won’t see what you don’t log appeared first on Portcullis Labs.| Portcullis Labs
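Hi, this is 野溝のみぞう. Until now, as one fan of the Hardening Project, the unofficial Hardening competition doujin| やわらかセキュリティ
Hi, this is のみぞう. I was fortunate to be able to take part in the Hardening main event again this year (my fourth consecutive year). Honestly| やわらかセキュリティ
Hi, this is のみぞう. A series working through, in order, TryHackMe rooms that may be useful for the Hardening competition| やわらかセキュリティ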
Port knocking is like a secret handshake or magic word between client and server. It can be used in various ways, but most commonly as a security feature to deny all contact to a specific service - li| ITTavern.com
Linux 6.1-rc1 was tagged on October 16th, 2022 and includes a bunch of nice things from my team that I want to highlight. Our goal is to make the Linux kernel running on IBM's Power CPUs more secure, and we landed a few goodies upstream in 6.1 to that end.| sthbrx.github.io
This is an updated version from last year. Thank you for the great feedback! This article covers mainly the configuration of the SSH service and only references ways to protect the service on the hos| ITTavern.com