
CQURE Academy Blog
11,409 FOLLOWERS
Expect topics like Windows Internals, Identity Theft Protection, Penetration Testing, Malware, Secure Server, Forensics, Server Monitoring, and Incident Response. CQURE Academy offers training, workshops & certification programs for Windows security professionals.
CQURE Academy Blog
1w ago
By leveraging snapshots, attackers can bypass security mechanisms and extract passwords or access tokens, allowing privilege escalation across the entire network. Watch the video above to find out how hackers can lay their hands on passwords by taking a snapshot of the running VM along with the memory and downloading the snapshot memory status files, […]
The post Hacks Weekly #63 – Attacking LSASS memory through VM snapshot appeared first on CQURE Academy ..read more
CQURE Academy Blog
2M ago
How can the Windows Mark-of-the-Web Protection be bypassed? ? Amr Thabet, Malware Researcher & Incident Handler, presented some of the scenarios in episode 62 of our #HacksWeekly series! Windows Mark-of-the-Web Protection is just the first layer of protection. The problems start when users use 7-ZIP or delete the specific version of the file and download […]
The post Hacks Weekly #62 – Bypassing Windows Mark of the Web Protection appeared first on CQURE Academy ..read more
CQURE Academy
4M ago
What is MITM6? MITM6 is an advanced penetration testing tool that exploits default Windows DNS configurations to facilitate man-in-the-middle (MITM) attacks. It targets mainly networks where IPv6 is enabled but not actively used. By responding to DHCPv6 messages, MITM6 can redirect traffic from vulnerable Windows machines to an attacker’s system. These redirections take place because […]
The post Hacks Weekly #61 – Man in the middle with MITM6 and NTLMRelay appeared first on CQURE Academy ..read more
CQURE Academy
4M ago
We’re happy to share that the 2024 edition is also taking place with our involvement! And we have to admit, this year’s agenda looks promising. As always, we’re ready to share only the most relevant skills, thoroughly tested during real-life scenarios. System Forensics, Incident Handling and Threat Hunting On December 9, you’ll have the opportunity […]
The post BLACK HAT EUROPE 2024! appeared first on CQURE Academy ..read more
CQURE Academy
4M ago
Over the years, the Advanced Windows Security Course has amassed hundreds of satisfied students, building a supportive community of cybersecurity enthusiasts and rising talents. We repeat it yearly, each time brainstorming to deliver the freshest techniques for combating cyber threats. As a result, the formula just keeps getting better. At CQURE Academy, our Experts consolidate […]
The post Get a Sneak Peek into the Advanced Windows Security Course! appeared first on CQURE Academy ..read more
CQURE Academy
4M ago
PetitPotam: How an NTLM relay attack can threaten Active Directory, Active Directory Certificate Services and your network PetitPotam is an advanced coercing attack and in combination with NTLM relay (NTLM redirection) attack it creates a serious threat to Active Directory (AD) infrastructures. By exploiting vulnerabilities in the EFS (Encrypted File System) RPC calls, PetitPotam can […]
The post Hacks Weekly #60 – PetitPotam Strikes Back: From (almost) Zero to Domain Admin appeared first on CQURE Academy ..read more
CQURE Academy
5M ago
The cybersecurity landscape constantly changes, and so does CQURE Academy. We always keep an eye on the industry updates and come up with new ways of delivering juicy content for all the knowledge-seekers. This time, we would like to present the premiere of our brand new Hacks Weekly formula that we are adapting now: webinar […]
The post Hacks Weekly #59 Webinars: Active Directory Security Management: From Threat Detection to Effective Response appeared first on CQURE Academy ..read more
CQURE Academy
6M ago
Get ready for another episode of Hacks Weekly, where we dive deep into the world of the biggest PKI misconfigurations. This time, we’ve got a special guest, Mike Jankowski-Lorek, PhD, Cybersecurity Expert and CQURE of Consulting at CQURE, who’s here to take your knowledge to new heights. During this episode, we will go through the most […]
The post Hacks Weekly #58 The Biggest PKI Misconfigurations appeared first on CQURE Academy ..read more
CQURE Academy
7M ago
Capturing live memory, also known as memory forensics, can be a valuable technique for cybersecurity professionals for several reasons. It can help with investigating advanced attacks by revealing hidden processes, network connections and other artifacts as well as supporting data recovery processes by revealing encryption keys, decryption routines or data remnants. Additionally, capturing live memory […]
The post Hacks Weekly #56 Ram Capturer appeared first on CQURE Academy ..read more
CQURE Academy
7M ago
When we look at the definition of insecure data storage, this is simply referring to different data that is stored without the added protection, encryption or any other different security measures. It is crucial for applications that are developed by different development teams. Sensitive data is vulnerable when our protection techniques are not sufficient. When we are […]
The post Hacks Weekly #55 Insecure Data storage appeared first on CQURE Academy ..read more