Brutalist is a cross-platform, Python 3+ based command-line tool that can be used to generate very large word dictionaries based on minimal input. It can take a single word like “password” and generate up to 13,198,680 combinations using common special character substitutions and suffixes, and up to all possible 3-digit numerical suffixes with all variations of special characters appended. It is a highly specialized tool, which should be a regular go-to in the tool belt of all red teamers and pentesters.
Gravemaidens is a debut novel by Kelly Coon — and again, you guys — I am blown away by the talent these debut novelists have this year! I’ll be honest, I mainly wanted to read this book because of that cover! Y’all, I’m a sucker for beautiful covers, and I’m happy to report that the story inside matched all its beauty and more.
This was obviously somewhat of an edge case, but I’m sure it will apply to many other users out there, and I hope it finds them well. This was one particular case where the Arch Wiki was a little shady and left me figuring out a lot of stuff on my own — as is the case for any Arch user — which is one of the reasons we punish ourselves by using it in the first place. That being said, this method should work with minimal tweaks for just about any OS, because the main things being modified here are the underlying disk formats, partitions, kernel, and bootloader. Everything else is left untouched.
Ninth House absolutely blew me away. I have read Leigh Bardugo before (The Grisha Trilogy) — Six of Crows is still on my TBR — but this book was entirely different from “The Grishaverse.” When comparing The Grisha Series against this first book in The Alex Stern Series, I would compare the Grisha series to a child perceiving the fantasy of what magic might be, which developed over time into Galaxy Stern, a real world, hardened survivor, whose very being and situation pulled her into a world she never expected to be in; a world where she eventually blossomed into a darkly-enlightened real-world practitioner of the occult — but not to meet her own ends — to act as one of the shepherds who oversees the other practitioners and holds them accountable in order to keep the magic in order and to keep the ritualists in check.
Serpent & Dove is a story that features enemies to lovers and good versus evil — two of my favorite tropes in literature and pop culture. In this book, there is basically war between the church, kingdom, and witches. The church is burning witches for their crimes against humanity, while the witches are trying to reclaim the land they lost to the royal family. Mixed up in all of this is Lou, a witch who has abandoned her coven and is living on the streets. She is both feisty and hilarious, and her brazen actions put her in the path of Reid Diggory, the captain of the church’s Chasseurs.
This may sound like a boring article to many, but it is a basic overview of some very important information that is crucial to include in the repertoire of knowledge for all IT and security professionals.
In this article, we will be going over the high points for the following industry standards: PCI DSS, ISO 27001/27002, HIPAA, and the NIST/DoD frameworks, and adding some comments along the way on the relationships and effects that these policies and frameworks have on network architecture, as well as what possible implications they could have on architectural solutions. Most of the architectural solutions provided come from an Amazon Web Services perspective, but the same basic principles apply, regardless of which cloud service provider (CSP) you use, or even if your infrastructure is hosted on-premises.
With the new wave of ransomware attacks we have seen at the beginning of this week, especially targeted toward Spain, we can see that mostly Windows attack vectors are being utilized, in what appears to be a variant of the Bitpaymer family, related to the Dridex group of malware.
But what does the future hold for attacks such as these? When will we see the attack vector change drastically to target something that your company is most likely unprepared for? We are seeing bad actors targeting low-hanging fruit on Windows, while the world of end-users is going mobile. If iOS development is part of your enterprise, then whether you like it or not, macOS literally has to be an integral part of your infrastructure…because Xcode. Is it possible that this is something that has gone unnoticed in the threat detection landscape, or is the threat level just perceived to be so low that we haven’t yet come up with a good way to protect against it?
You guys, I am shocked! The Guinevere Deception by Kiersten White was so much more than I could have hoped for. Pretty much all I know from the King Arthur stories I learned from the show Once Upon a Time, and even that is a little hazy for me, because my memory is lacking. But, I am down for any and all retellings, especially those surrounding Kings and Queens from long ago and fae magic! I just saw the new Maleficent: Mistress of Evil movie this weekend, and all I kept thinking about was this book! So, even before reading the rest of my thoughts, if you’re into that kind of thing, too, then add this to your TBR immediately!