Amateur Security Archaeologists, trying not to break things.

Tag: Security (Page 1 of 11)

All I want for Christmas is Caldera 5.0

Well it has been some time since I have had an opportunity to log in and capture some thoughts – sorry about that! The truth is, it has been a wild few months with work, kids, and the whole ‘adulting’ thing. I do hope I can start offering something of use more frequently. Something that took a lot of time – and shouldn’t have – was getting a working installation of MITRE’s Caldera open-source attack simulation tool. I have used prior versions since 2020 – I think it was version 2.7? Well, the new release (Magma or v5.0) is fantastic. If you can get it to install correctly for you.


Impact: When Attackers Just Want to Watch the World Burn

In our journey through the MITRE ATT&CK framework, we’ve explored how attackers gain access, establish persistence, and steal data. But what happens when adversaries decide to break things, or to show the defenders that they are in charge? This last post covers ATT&CK’s Impact tactic – the cyber equivalent of leaving a calling card, often with devastating consequences.


What’s Causing Mike’s Indigestion Now? We’re obsessed with the wrong snowflakes (28 June 2024)

Good day, folks! Another week, another headline-grabbing security incident seems to be dominating the discussion. And I am not talking about Tim Weah’s testy red card vs. Panama, or whatever comes out of the debate tonight. I am talking about a slow boiling issue that impacts all of us. After the last month’s buildup, Snowflake is in the spotlight, but don’t be fooled – this isn’t just about one company’s identity problems, and it has ripples through many. Let’s dive into why Snowflake’s woes are a wake-up call for all of us, and what else it might mean for how we tackle


Command and Control: This is Major Tom to Ground Control

In our last post, we explored how attackers gather valuable information through the Collection tactic. Once adversaries have a foothold and have collected data, they need a way to maintain control over compromised systems and coordinate their activities. In military operations, you’ll see a mix of overt and covert forms of communications. But we know they are happening. Without them, the various units involved would be uncoordinated and the attack would fail before major objectives could be accomplished. Cyber adversaries need this sustained control as well. Payloads are unable to act autonomously for long. And exfiltrating data without it is futile. This is where the next MITRE ATT&CK Tactic comes into play: Command and Control (C2). Let’s dive into how attackers use C2 to orchestrate their operations and why it’s a critical component of almost every sophisticated cyber attack.


What’s causing Mike’s Indigestion now? Someone’s entered the “find out” stage (20 June 2024)

Good day, folks! It’s been more of the same for security practitioners around the world: rates of ransom demands, leaks, and vulnerability announcements continue to climb. That said, interesting news hit this week, with mixed results for cyber crime outfits. Let’s talk about ALPHV and Scattered Spider and look at some good guidance on MFA. We’ll also take a look at the other fun developments.
