trident – Automated Password Spraying Tool

The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling. trident was designed and built to fulfill several requirements and to provide: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in […]

SolarWinds Blames Intern for ‘solarwinds123’ Password Lapse

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years.  The said password “solarwinds123” was originally believed to have been publicly accessible via a GitHub repository since June 17, 2018, before […]

Gizmodo gives poor password advice

On Friday, popular tech news site Gizmodo published an article with the title: “Go Update Your Passwords Right Now”. The problem is, it’s just not good advice… Graham Cluley

Credential exposure trends: You need a better password

SpyCloud researchers recovered more than 4.6 billion pieces of personally identifiable information and nearly 1.5 billion stolen account credentials from 854 breach sources in 2020, the company announced in its 2021 Credential Exposure Report. Credential exposure trends The number of breach sources increased 33% over 2019, with an average 2020 breach size of 5,455,813 records. […]

Get-AzPasswords: Encrypting Automation Password Data

Get-AzPasswords is a function within the MicroBurst toolkit that’s used to get passwords from Azure subscriptions using the Az PowerShell modules. As part of this, the function supports gathering passwords and certificates that are attached to automation accounts. These credentials can be stored in a few different ways: Credentials – Username/Password combinations Connections – Service […]

Next Page »