7MS #436: Cleaning Up Your Cloud Clutter
7 Minute Security7 Loka 2020

7MS #436: Cleaning Up Your Cloud Clutter

Hey, hope you're having a great week! The last few weeks have had somewhat of a homecoming and home cleaning theme. To continue that train of thought, over the last few days I've gotten heavy into cleaning up my cloud clutter - cloud services, email, file sharing, etc. - in an effort to be more secure and have a reduced digital footprint. Today's tips include:

  • Double-check that any device you have that supports full-disk encryption has it enabled

  • On all your machines, clean up old straggler artifacts in C:, desktop folder, downloads folder, etc. Use the nifty built in tools for Windows 10 to free up even more disk space (I just learned about this one recently - Windirstat and Treesizefree were my go-tos for years)

  • Got old PCs sitting around you're not using? Nuke 'em with DBAN.

  • Go into your password vault and clean out creds for services you don't use anymore (especially for old client projects!)

  • Purge your file share services (Dropbox, OneDrive, etc. on a regular basis), and/or bring older archives over to cold (on-site) encrypted storage

  • Review your "bottleneck" accounts (key email accounts, for example) and review the devices/services linked to them - clean up and purge regularly

  • Handling password hashes? Here's one way to setup an encrypted partition for them

  • You can clean old email from Gmail quickly using some simple searches. You can also use Google Takeout to download offline copies of mail and then browse them later with Thunderbird

Jaksot(710)

7MS #686: Our New Pentest Training Course is Almost Ready

7MS #686: Our New Pentest Training Course is Almost Ready

Oh man, I'm so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab...

1 Elo 202523min

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today's kind of a "story time with your friend Brian" episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as...

25 Heinä 202522min

7MS #684: Pwning Ninja Hacker Academy

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Heinä 202522min

7MS #683: What I'm Working on This Week - Part 4

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Heinä 202530min

7MS #682: Securing Your Family During and After a Disaster – Part 7

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I a...

4 Heinä 202530min

7MS #681: Pentesting GOAD – Part 3

7MS #681: Pentesting GOAD – Part 3

Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pw...

27 Kesä 202518min

7MS #680: Tips for a Better Purple Team Experience

7MS #680: Tips for a Better Purple Team Experience

Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (n...

20 Kesä 202526min

7MS #679: Tales of Pentest Pwnage – Part 73

7MS #679: Tales of Pentest Pwnage – Part 73

In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your...

13 Kesä 202530min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
tervo-halme
politiikan-puskaradio
viisupodi
rss-vaalirankkurit-podcast
rss-podme-livebox
rss-asiastudio
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
the-ulkopolitist
radio-antro
rss-hyvaa-huomenta-bryssel
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rss-kalevi-sorsa-saation-podcast
rss-kaikki-uusiksi
rss-merja-mahkan-rahat
rss-kuka-mina-olen
rss-tekkipodi