Raphael Mudge Cobalt Strike

CobaltStrike Download Now Features Screenshots Training Support Cobalt Strike Media Kit Strategic Cyber, LLC loves bloggers and journalists. These materials are available for your use to tell the Cobalt Strike story to the world. If you have any questions or would like to schedule an interview, please contact us! Materials Cobalt Strike Trailer (3m46s) This video walks through a textbook penetration test with the Cobalt Strike product. Cobalt Strike Logo PSD (1716x408px) PNG (1716x408px) PNG (858x204px) Major Cobalt Strike (full-length) PSD (3248x3216px) PNG (3248x3216px) PNG (640x713px) Cobalt Strike Comic This comic shows the Cobalt Strike team executing an adaptive penetration testing process. PDF Cobalt Strike Product Specification Sheet This two-sided sheet describes Cobalt Strike, what it does, and who it is for. This document is best used to introduce Cobalt Strike to the grown-ups. PDF About Us Cobalt Strike Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and evaluate mature security programs. Cobalt Strike exploits network vulnerabilities, launches spear phishing campaigns, hosts web drive-by attacks, and generates malware infected files from a powerful graphical user interface that encourages collaboration and reports all activity. Strategic Cyber, LLC Founded by Raphael Mudge, Strategic Cyber LLC develops software and training for penetration testers and red teams. Its premier product is Cobalt Strike, a threat emulation suite. Raphael is a USAF veteran and the creator of Armitage for the Metasploit® Framework. Strategic Cyber LLC is based in Washington, DC. Metasploit® is a registered trademark of Rapid7 Inc. © 2012 Strategic Cyber, LLC

Countermeasures against school shootings

Countermeasures against School Shootings December 18, 20124 Comments Recent events and especially the tragedy at Sandy Hook Elementary School have prompted many of our school security clients to contact us asking for advise on preventing an attack or mitigating the consequences of a school shooting or massacre. In this blog post, we want to share with school administrators, security professionals, parents and community leaders ideas on how to minimize the potential of such an event at your school or in your community. Altering the adversary’s motivation is close to impossible – School shooter motivations vary from insanity to revenge and even political (terrorist) motives. The ability to detect, monitor and then influence these motivations is extremely difficult even for those closest to the would-be shooter (parents, teachers, counselors, etc). Our recommendation: do not rely on early detection of the shooter using indicators that stem from his psychological profile. Instead focus your mitigation strategy on maintaining a security policy that makes it difficult for the shooter to accomplish his operational objectives. This goal is possible and simple to execute but it does require effort and commitment. Active Shooter is a security issue and not a law enforcement Issue – Police response to an active shooter situation can take five to ten minutes or more. Most active shooter incidents are already over by the time police arrive at the scene, and even if the shooting is still in progress, most of the damage has already been done. Usually, all that remains for law enforcement is to gather evidence and collect the dead. Schools should focus on prevention strategies and not devote all their attention to a response plan. Adopt a long-term security strategy – Make a long-term commitment to security. This is usually easier said than done. Most institutions only spike efforts in response to an incident out of fear or the pressure to do something. This reactive approach is ineffective. Instead, make a long-term commitment to protect your school, and the people who study and work there, from future threats. This does mean spending money, making continuous efforts to improve, and getting buy-in from everyone involved from now, forward. Understand and address the Modus Operandi of the adversary – The choice of weapon and method of operation may change. The MO of choice today is active shooter, but tomorrow it could be an “active driver” trying to run over as many people on campus grounds as possible, with his vehicle. Your security procedures and policy must address not yet popular but probable MOs. Invest in Physical Security – This is obvious, but must be stated: a school that makes it easy for outsiders to enter is extremely vulnerable to threats. Physical security measures such as gates, locks and fences are not a deterrent for a motivated adversary, but they can serve as an obstacle or delaying mechanism that can potentially save lives. Extend your security circles outward as much as possible – Many institutions try to do security from the inside-in rather from the outside-out. This results in a smaller, less effectively secured area. Extend your physical security presence – think of a ring – as far out from your school as possible. As the distance between the adversary and the target (the school and its population) increases so do your chances to prevent the attack or mitigate its consequences. Introduce Proactive Security Procedures – Most school security procedures are administrative as opposed to proactive. For example, security guards may be required to check if a person’s name appears on a list but they are rarely tasked with evaluating the intent or behavior of a person attempting to enter the school. Security officers must be trained in threat and situational assessment and in security questioning. This training allows officers to determine the true nature of the visit and the true intent of the visitor. Have armed response capabilities – Having an armed security guard on premises does not mean you have “armed response capabilities”. Most armed guards are neither trained nor experienced with tactical response to an active shooter scenario. The armed security guards must be trained in: instinctive shooting, when-to-shoot scenarios, when to stop shooting or chasing, shooting through a face-forward crowd, hand-to-hand combat, aggressiveness training and more. The shooting technique for the guard must be based on an instinctive reaction where he does not need to think, only react and attack the shooter fully neutralizing him as soon as possible. He should not call for backups (someone else will.) He should not take cover (this allows the shooter to be in control.) He should not stop to treat or evacuate the wounded (someone else will.) The guard must know how to shoot while moving fast, forcing the adversary to defend himself. This type of shooting and response requires A LOT of training to the point where the guard’s response is completely instinctive. Test your Security System – A school that does not experience incidents should not regard itself as having good security. To evaluate whether or not the security system is effective, schools must test themselves through adversary simulations or “red teaming”. Every school must repeatedly conduct surprise infiltration testing to evaluate if current security procedures and systems are effective in preventing actual threats. The tests should be used to train and build experience with the security officers and the staff. They inform the design of and changes to, procedures and policy. Designate a “Police Room” in your facility – A cost effective means for maintaining police presence at your school is to provide local law enforcement with a spot where they can take a break from their patrols, drink a cup of coffee and have a quiet place to fill out their reports. Elevated, random police presence in the school makes it harder for the adversary to plan an attack and it increases the armed response capability of the school during certain hours of the day. The critics will say “well, this all costs money.” And that’s true. But there are innovative ways (beyond government funding) to pay for an improved security program. Active shooters are on the mind of every parent in the U.S. Most parents would not object to a modest, monthly ten dollar fee that could pay for implementing and maintaining all of the solutions we discuss here. During the suicide bombing campaigns in Israel between 2002 and 2005, restaurant customers were asked to pay a .50 cent fee on every table’s bill. This money was used to pay for security guards at restaurant entrances to prevent suicide bombers from entering. If someone is willing to pay .50 cents to have a peaceful dining experience, as a parent, I’m willing to bet that .50 cents a day is a very reasonable price for your child’s security. But more than the fiscal issues, we have to be committed in terms of priorities and decisiveness. When we are, we will effectively be able to prevent, deter, disrupt, and defend against these horrible killers. For more information about specific security procedures, training and consulting to improve your school’s security, please contact us. 4 Comments on “Countermeasures against School Shootings” TK on December 18th, 2012 at 7:04 pm Excellent article. Please send it to every school in the country. Linda Weese on December 19th, 2012 at 10:52 am Really great article with excellent suggestions. Am I allowed to share it with local schools? Thank you. Linda Weese Samuel Mayhugh on December 19th, 2012 at 10:55 am I agree with your material on countermeasures. These need to be promoted. What we do not generally have are policies, procedures, and training for student and worker reporting of behavior that creates fear or anticipation of violence. This calls for accountability and responsibility of both individuals and organizations for reporting concerns prior to a belief that the person will kill others. Sam Mayhugh, Ph.D., Consultant, DHS Admin on December 19th, 2012 at 11:02 am Linda Thank you very much for the feedback. Feel free to share it with anyone. The Chameleon Team Leave a Reply

VA OIG report on encryption non-compliance

http://www.va.gov/oig/pubs/VAOIG-12-01903-04.pdf

8-character passwords not long enough

Suzanne Choney, NBC News 8-character passwords just got a lot easier to crack A password expert has shown that passwords can be cracked by brute force four times faster than was previously thought possible. It's no magician's trick. Jeremi Gosney of the Stricture Consulting Group shared the findings at the recent Passwords^12 conference in Norway, where researchers do nothing but focus on passwords and PIN numbers. What Gosney showed is that a computer cluster using 25 AMD Radeon graphics cards let it make 350 billion — that's right, billion — password attempts per second when trying to crack password hashes made by the algorithm Microsoft uses in Windows. Ars Technica reported on the finding, estimating that it would take less than six hours for the system to guess every single possible eight-character password. Gosney, in an email to the site, said, "We can attack (password) hashes approximately four times faster than we could previously." Users should take action, especially those who have been using eight-character passwords and thinking they were safe (or safer than users with fewer characters in passwords), said Infosecurity, an online magazine. It doesn't even matter if you have numbers, upper case letters and symbols — you are not in the clear. Eight-character passwords "are no longer sufficient," the magazine says, and users should come up with longer passwords to "help defeat brute forcing, and complex passwords to help defeat dictionary attacks." Dictionary attacks use pretty common words, names and places that many of us still come up with for passwords, like "LoveNewYork" or even "Jesus" because they're easy to remember. They're also incredibly easy to crack. Dmitry Bestuzhev, of Kaspersky Lab, offers these suggestions: 1. Use a different password for each different online resource. Never reuse the same password for different services. If you do, all or many of your other online accounts can be compromised. 2. Use complex passwords. This means, in a perfect scenario, a combination of symbols, letters and special characters. The longer the better. 3. Sometimes our online service providers don’t let us create really complex passwords, but try to use long passwords, with at least 23 characters in a combination of uppercase and lowercase letters. A password of 23 characters (131 bits) would be ok. That may be an ambitious undertaking, especially with the abundance of services out there that all require authentication, but it's worth striving for. Eight characters "just isn't long enough for a password these days," Sophos Labs' Paul Ducklin told NBC News in an email. "Even before this latest 'improvement' in cracking, standalone GPU (graphics processing unit)-based servers could do the job on eight-character Windows passwords in under 24 hours." And, he added, "cybercrooks with a zombie network, of course, could easily do something similar, even without GPUs." Ducklin, writing about another password-cracking presentation at the password conference, made it clear that the findings are "yet another reminder that security is an arms race." But to stay ahead all you have to do is lengthen those passwords. At least for now.