Tradecraft Security WeeklySubscribe
Email security, Vulnerability Management

Leaking Windows Creds Externally via MS Office – Tradecraft Security Weekly #21

In this episode of Tradecraft Security Weekly, Mike Felch talks with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass many common security controls, so be sure to add it to your red team toolboxes. Mike Felch (@ustayready) Beau Bullock (@dafthack) LINKS: SensePost Blog - https://www.dropbox.com/s/hmna48mc6qodlrw/TSW%20Episode%2021.mp4?dl=0

[audio src="http://traffic.libsyn.com/tswaudio/Leaking_Windows_Creds_Externally_Via_MS_Office_-_Tradecraft_Security_Weekly_21_converted.mp3"]

Related

US automaker subjected to FIN7 attack

BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.