This deserves a lot of attention, I have been noticing a lot of people on reddit, TH-cam, linkdin flexing on zero trust without knowing whatever you just said
Maybe they're not old enough to remember windows vista. The fun thing about vista is, even it was the slowest OS ever made and ever to be made, what people seemed to hate even more, was UAC. So, people can live with a slow system, but they cannot live with the computer asking permission to run certain tasks
Hacker-proof method for life: Sell your computer, relinquish any and all technology, live out the rest of your life in a cave - stone tools only.... Your move hackers...
🤣 this harks to the last point in my comment on this vid. Got a solid laugh from this. It’s actually funny to me… some of the best guys I know in the industry have no serious industrial level or even custom made tools at their disposal for home threat detections… you know what they own? A really carnal German Shepherd 😂
I've said for many years. Your security is only as necessary as your threatmodel dictates. My org has alcohol companies as customers, and sales keeps having customer websites blocked. The moment I have senority to remove needless security policies, and actually implement good policy, I can't wait.
Damn, you started getting passionate there near the end. Its so awesome to see someone this dedicated to learning in their field. Thanks for the content!
reminds me of a stupid bypass i found at my workplace, we couldnt access the C: version of cmd.exe . But by copying the executable to my user folder under a different name, a console poped-up
Blacklists and whitelists for apps won't ever really work... first party and third party apps will always have the ability to run arbitrary code from the user. Ultimately the focus must be on controlling the user's permissions, then it doesn't matter what code they run. Maybe they can get local access to everything (because local access to something == game over) but remote access can be controlled. As for the permission dialog you show at the end, this is why UAC supports digital signatures. Such a ruse would not work on a UAC dialog if the original app has a digital signature (and you train users to reject unsigned apps... of course, in a "Zero Trust" environment users probably shouldn't be able to use UAC dialogs!). In a "Zero Trust" environment I would expect you would want to digitally sign all your apps, either from the original vendor, or by your own organization's certs if the vendor provides none (that's a thing I assume you can do, right?). Also I would suggest such a dialog is not consistent with "Zero Trust", since it shows administrators don't want to manage the whitelist and are pushing that responsibility onto users. As your example shows this can easily negate the benefits.
HiJohn. I’m curious about something. Because you seem to “chill” about all of these viruses & attacks ect. What is something you find difficult or challenging? Referring to any sorts of coding or viruses ect.
Well, my first comment disappeared. So here's a second one. I find the biological psychological approach a fascinating one. Here, that is demonstrated by the fact that the human brain registers input based on its best ability to reason from previous experience or it uses its best hypothesis for contemplating and reacting to a new experience where it will then formulate a more concrete response later in life from its receive feed back. O/i o/i can change the response in the future for both. If that makes sense, sort of brainstorm explained it.
I actually really enjoyed this video, and my school I have been trying to find vulnerabilitys out on the computers and servers (not for bad reasons like changing grades) Me and 2 of my friends dig deeper everynow and then figuring out more tricks and things that should be blocked. When I leave school we are going to have a list of all these things that need to be fixed. we are currently working on trying to find the admin password, we have gotten into private folders (of which students should be able to get too.)
so how would hacker bypass the security of a plume pod router i would love to know because i know security is important especially account and networking but about network security how would someone like a hacker bypass my plume pod router security if you could let me know please reply to this comment because ive always wanted to know how so pls and thank you
That line of code you let us see to (giggles) manipulate the system making it believe we are running legitimate software, is that a fragment of the Windows source code? I can imagine you had to ask around to know exactly to what line of code you had to search for otherwise it would take us ages to figure it out with the emphasis on "Figure"?
I'm stoked to find your channel! Thanks for everything! You are a wonderful teacher! Make no apologies for your style, i dig it tremendously 🫀🫀🫀 You are great!
@@LambdaTechnology If a system is built on a lack of trust then who is to blame the people for not trusting your reason given. If you assume the worst in people then the people should assume the worst in you.
@gameglitcher Well said. This comment (and vid as a whole) reminded me of what I saw a few months back when the new flavor of Emotet came rampaging back. It’s using some super trivial Social Engineering by recreating the Security Warning badge (which downplays the real badge warning at the top of the downloaded excel file)… and then quite literally asks the user to drop the downloaded file in the trusted ../Templates folder. Once there, the system asks for permission, the macros in the excel execute, and Voila! You’re now dealing with an embedded crypto miner, an instance of Cobalt Strike, or even a ransomware event. This video shows how Ivan probably took into account and then simply found a way to take advantage of, zero trust policies when he was re-authoring Emotet. Really interesting stuff.
I tend to prefer "cyber resilience" much more over "zero trust." What do you think?
How about cyber immunity ? 🤔
One thing I learned in my cybersecurity class was "trust but verify". Idk if this applies but it sounds accurate.
I think "cyber resilience" will become a buzz word too 😅
Cracked cobalt strike :/
@@d_cb "Real threat actor" kek
Having a threat model really helps, but having good security practices is nice as well
This deserves a lot of attention, I have been noticing a lot of people on reddit, TH-cam, linkdin flexing on zero trust without knowing whatever you just said
Maybe they're not old enough to remember windows vista. The fun thing about vista is, even it was the slowest OS ever made and ever to be made, what people seemed to hate even more, was UAC.
So, people can live with a slow system, but they cannot live with the computer asking permission to run certain tasks
Hacker-proof method for life: Sell your computer, relinquish any and all technology, live out the rest of your life in a cave - stone tools only.... Your move hackers...
🤣 this harks to the last point in my comment on this vid. Got a solid laugh from this.
It’s actually funny to me… some of the best guys I know in the industry have no serious industrial level or even custom made tools at their disposal for home threat detections… you know what they own? A really carnal German Shepherd 😂
You better add a decent door and lock to that cave.
Door, nope. Have lion as a door
..... Drone ....
I've said for many years. Your security is only as necessary as your threatmodel dictates.
My org has alcohol companies as customers, and sales keeps having customer websites blocked.
The moment I have senority to remove needless security policies, and actually implement good policy, I can't wait.
Thanks John for sharing such informative videos for the security community. Your videos really have good practical approach. Loved it ❤
Damn, you started getting passionate there near the end. Its so awesome to see someone this dedicated to learning in their field. Thanks for the content!
Hey John .. this video was really useful as always... Thanks for sharing whatever you are gaining on our cyber domain..
Great video as always John! The mirror image causing the logo on your hoodie to switch sides by the camera freaked me out though 😂😂
6:38 I also have a local account with a similar name: "unprilivileged"
I guess security folks think in similar ways lol
This kind of video are extraordinary. Brilliant, keep going
reminds me of a stupid bypass i found at my workplace, we couldnt access the C: version of cmd.exe . But by copying the executable to my user folder under a different name, a console poped-up
17:18 Always remember, "Alert fatigue" is how Uber got hacked! Just because something requires manual approval doesn't mean it's 100% secure!
Blacklists and whitelists for apps won't ever really work... first party and third party apps will always have the ability to run arbitrary code from the user. Ultimately the focus must be on controlling the user's permissions, then it doesn't matter what code they run. Maybe they can get local access to everything (because local access to something == game over) but remote access can be controlled.
As for the permission dialog you show at the end, this is why UAC supports digital signatures. Such a ruse would not work on a UAC dialog if the original app has a digital signature (and you train users to reject unsigned apps... of course, in a "Zero Trust" environment users probably shouldn't be able to use UAC dialogs!). In a "Zero Trust" environment I would expect you would want to digitally sign all your apps, either from the original vendor, or by your own organization's certs if the vendor provides none (that's a thing I assume you can do, right?).
Also I would suggest such a dialog is not consistent with "Zero Trust", since it shows administrators don't want to manage the whitelist and are pushing that responsibility onto users. As your example shows this can easily negate the benefits.
HiJohn. I’m curious about something. Because you seem to “chill” about all of these viruses & attacks ect.
What is something you find difficult or challenging? Referring to any sorts of coding or viruses ect.
Good stuff John! Keep it up!
Great as always. Keep it up !
this entire video could be summed up in one word. Would you like to give access to your computer to an unverified application? “yes”
Gotta start a John Hammond bingo :D
Thanks
Well, my first comment disappeared. So here's a second one. I find the biological psychological approach a fascinating one. Here, that is demonstrated by the fact that the human brain registers input based on its best ability to reason from previous experience or it uses its best hypothesis for contemplating and reacting to a new experience where it will then formulate a more concrete response later in life from its receive feed back. O/i o/i can change the response in the future for both. If that makes sense, sort of brainstorm explained it.
sorry for being late, I was in college , i love your videos
i like the new studio keep up ^_^
He spared no expense.
I actually really enjoyed this video, and my school I have been trying to find vulnerabilitys out on the computers and servers (not for bad reasons like changing grades)
Me and 2 of my friends dig deeper everynow and then figuring out more tricks and things that should be blocked.
When I leave school we are going to have a list of all these things that need to be fixed. we are currently working on trying to find the admin password, we have gotten into private folders (of which students should be able to get too.)
Awesome insight Johny boy!
thank you bro i appreciate it my friend
Great video. 👍
Informative video thankss😁
Trust Assurance :)
Ultimate
Your videos are really awesome..
I love your hoodie
what brand or where did you get your glasses frames
so how would hacker bypass the security of a plume pod router i would love to know because i know security is important especially account and networking but about network security how would someone like a hacker bypass my plume pod router security if you could let me know please reply to this comment because ive always wanted to know how so pls and thank you
That line of code you let us see to (giggles) manipulate the system making it believe we are running legitimate software, is that a fragment of the Windows source code?
I can imagine you had to ask around to know exactly to what line of code you had to search for otherwise it would take us ages to figure it out with the emphasis on "Figure"?
I'm stoked to find your channel! Thanks for everything! You are a wonderful teacher! Make no apologies for your style, i dig it tremendously 🫀🫀🫀 You are great!
The god is back
Make more cobalt strike vids
I love these videos
zero-trust, trust nothing including zero-trust
I thought HTA files were dead? Windows Defender detects everything and will block execution !
the hta from cobalt not detected by AV / win defender?
14:32 😅
AI Malware ? Here it is we are in Neuromancer ?
Googie
Pretty sure it is a game of cat and cat who are both chasing the mouse to get their cheese.
This is a pretty good take… I see what you did there
@@LambdaTechnology If a system is built on a lack of trust then who is to blame the people for not trusting your reason given. If you assume the worst in people then the people should assume the worst in you.
@gameglitcher Well said.
This comment (and vid as a whole) reminded me of what I saw a few months back when the new flavor of Emotet came rampaging back. It’s using some super trivial Social Engineering by recreating the Security Warning badge (which downplays the real badge warning at the top of the downloaded excel file)… and then quite literally asks the user to drop the downloaded file in the trusted ../Templates folder. Once there, the system asks for permission, the macros in the excel execute, and Voila! You’re now dealing with an embedded crypto miner, an instance of Cobalt Strike, or even a ransomware event.
This video shows how Ivan probably took into account and then simply found a way to take advantage of, zero trust policies when he was re-authoring Emotet. Really interesting stuff.
👍
❤❤
hohoho :D can you try on my system ? sir?
Ahh the mshta! LoLbins
can you add subtitles in your video?
the responsibility is on the people who chose the terrible font that makes I look like l.
Someone blind wouldn't be foooled though. This is one attack which is less likely to succeed with blind people than seeing people
India Viewer's:) Let me know in Reply -----)
ok now show how create fake Chrome browser with integrated virus like in Brave :D
i hate this title so much
paymoneywubby?
👍🏻