The exploit is actually simple, but when I first encountered CVE-2020-11978, I did some quick Google searches and didn’t find any available exploits.
I’ve always been a user of publicly available exploits when doing CTFs and boxes on HackTheBox. So this time I decided to try to look into it and write my own. This blog post describes that process.
This year I was able to join the DEFCON 28 Blue Team Village’s OpenSOC CTF since the event was held online. I joined with my team, the hackstreetboys. There were 800+ participants, 500+ challenges, and 350+ teams in the competition, which ran over 20 hours.
We did alright: 8th out of 20 in the CTF finals, and 5th out of 354 teams in the qualifiers. It could be better, and we’re going to try harder.
This was our first time playing, and our exposure to blue team CTFs is limited. We didn’t really know what to…
“Hierarchical Density-based Spatial Clustering of Applications with Noise” (What a mouthful…), HDBSCAN, is one of my go-to clustering algorithms. It’s a method that I feel everyone should include in their data science toolbox.
I’ve written about this in my previous blog post, where I try to explain HDBSCAN in as much depth as I could. This time I am taking the opposite approach: I will try to explain the main ideas of HDBSCAN and density-based clustering as succinctly as I can.
I think (and I hope) that this primer on HDBSCAN would be friendlier for beginners and newcomers in data science.
TLDR: U2F prevents a MITM attack between the victim and the Duo server, but not between the victim and the application. Because Duo is a third-party service, we don’t have the same security properties that are associated with U2F between the victim and the server. This boils down to bypassing the Duo integration. If you can bypass the Duo prompt, then the phishing attempt will be successful, even if U2F is used. To prevent phishing, it is paramount that you enable hostname whitelisting. Without hostname whitelisting, Duo is similar to an OTP generator during a phishing attack.
This is a medium-sized extract from a longer blog post of mine. I go a little more in depth on the difference between U2F and OTP and on how LastPass decrypts your vault; you can see the full blog post.
(Un)fortunately, this is NOT a MITM attack on U2F. LastPass doesn’t support U2F, so this is disappointingly simple. It uses Yubico OTP, which we know to be phishable.
In this article, I mainly show how to deploy a phishing attack on LastPass users, even when they are protected with YubiKey physical keys. …
This is the second part of a series of blog posts. You can read the first one on Data Exfiltration.
This blog post is structured as follows:
HDBSCAN is a clustering algorithm developed by Campello, Moulavi, and Sander. It stands for “Hierarchical Density-Based Spatial Clustering of Applications with Noise.”
In this blog post, I will try to present, in a top-down approach, the key concepts that help in understanding how and why HDBSCAN works. This is meant to complement existing documentation such as sklearn’s “How HDBSCAN works”, and other works and presentations by McInnes and Healy.
Big data is hard, and the challenges of big data manifest in both inference and computation. As we move towards more fine-grained and personalized inferences, we are faced with the general challenge of producing timely, trustable, and transparent inference and decision-making at the individual level. For now, we will concern ourselves with the challenge of “timeliness”, and try to gain intuition on how certain algorithms scale and whether or not they can be feasibly used to tackle massive data sets.
In inference, there is never “enough” data. As you get more and more data, you can start subdividing the…
This is both a walkthrough of the solution to the Wildcard 400 challenge in the recent 2019 Trend Micro CTF, and some notes on network security monitoring. I’d recommend you try out the challenges first here. All implementations of the solutions can be found in this kernel.
You are a network security administrator for the medium-sized business XYZcorp. You often use network flow data to uncover anomalous security events. This challenge provides some sample aggregated data on flows, and uses answers from the anomalous events to construct the flag.
Data here is synthetic and does not model typical network protocols and…
Stats, security, and cryptography | Cloud Security and Machine Learning at Thinking Machines | GMON, CCSK | Masters student in data science