Risky Business #313 -- Why you should know PowerShell

Why use pwdump when you can just ask 'doze nicely?
14 Mar 2014 » Risky Business

On this week's show we have a look at PowerShell, the Microsoft sorta scripting language admin thingy. As it turns out, PowerShell can be an attacker's best friend when it comes to lateral movement through a network. We'll chat with Kieran Jacobson about that in this week's feature interview. He did a cracker presentation at CrikeyCon where he demo'd owning a domain controller and dumping all its creds with something like five lines of PowerShell. I mean, there are caveats there, but wow... the demo time was food for thought.

This week's show is sponsored by HackLabs. HackLabs head honcho Chris Gatford joins the program in this week's sponsor interview to have a yarn about the upcoming great XP switch of 2014. Ditching XP in your environment shouldn't be a supreme challenge, but what about specialist devices? Like the heart monitor that you can't patch but needs to be networked so you can know Mr. Jones in 14F is about to have a heart attack? Yeah, that'd be one of those intractable problems. Yay.

Show notes

Study Shows 'Metadata is Highly Sensitive' | Threatpost | The first stop for security news
http://threatpost.com/study-shows-phone-metadata-is-highly-sensitive/104767

HTTPS Traffic Attacks Leak Sensitive Personal Details | Threatpost | The first stop for security news
http://threatpost.com/new-attacks-on-https-traffic-reveal-plenty-about-y...

NSA Has Been Hijacking the Botnets of Other Hackers | Threat Level | Wired.com
http://www.wired.com/threatlevel/2014/03/nsa-botnet/

NSA Denies Impersonating Facebook to Exploit Targets | Threatpost | The first stop for security news
http://threatpost.com/nsa-denies-impersonating-facebook-to-exploit-targe...

Charitable Prelude to Pwn2Own Not Without Its Critics | Threatpost | The first stop for security news
http://threatpost.com/charitable-prelude-to-pwn2own-not-without-its-crit...

Vupen Cashes in Four Times at Pwn2Own 2014 | Threatpost | The first stop for security news
http://threatpost.com/vupen-cashes-in-four-times-at-pwn2own/104754

Weak Early Random PRNG Threatens iOS 7 Kernel Mitigations | Threatpost | The first stop for security news
http://threatpost.com/weak-random-number-generator-threatens-ios-7-kerne...

Researcher Eric Filiol Withdraws CanSecWest Presentation | Threatpost | The first stop for security news
http://threatpost.com/cansecwest-presenter-self-censors-risky-critical-i...

162,000 WordPress Sites Used in DDoS Attack | Threatpost | The first stop for security news
http://threatpost.com/162000-wordpress-sites-used-in-ddos-attack/104745

NTP Amplification DDoS Attacks Increasing | Threatpost | The first stop for security news
http://threatpost.com/ntp-amplified-ddos-attacks-on-the-rise/104741

Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records - Krebs on Security
http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-servi...

Energy Watering Hole Attack Used LightsOut Exploit Kit | Threatpost | The first stop for security news
http://threatpost.com/energy-watering-hole-attack-used-lightsout-exploit...

Malware Analysis: The Final Frontier: LightsOut EK: "By the way... How much is the fish!?"
http://malwageddon.blogspot.com.au/2013/09/unknown-ek-by-way-how-much-is...

MelbourneIT stores domain passwords in cleartext - Security - Technology - News - iTnews.com.au
http://www.itnews.com.au/News/374095,melbourneit-stores-domain-passwords...

How Target detected hack but failed to act -- Bloomberg | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57620289-83/how-target-detected-hack-bu...

Backdoor in Samsung Galaxy Devices Could Give Attackers Access | Threatpost | The first stop for security news
http://threatpost.com/backdoor-in-samsung-galaxy-devices-could-give-atta...

Google Fixes Four High-Risk Flaws in Chrome Before Pwn2Own | Threatpost | The first stop for security news
http://threatpost.com/google-fixes-four-high-risk-flaws-in-chrome-before...

Microsoft Resolves IE Zero Day with Patch Tuesday Release | Threatpost | The first stop for security news
http://threatpost.com/microsoft-closes-ie-zero-day-ships-final-xp-patch-...

IE Zero Day Exploits Increase Just Before Patch | Threatpost | The first stop for security news
http://threatpost.com/hackers-milk-ie-zero-day-before-patch/104713

Apple iOS 7.1 Fixes More Than 20 Code-Execution Flaws | Threatpost | The first stop for security news
http://threatpost.com/apple-ios-7-1-fixes-more-than-20-code-execution-fl...