Simple Active Directory Defense:1 Kerberos, the main authentication protocol of Microsoft Active Directory, uses Service Principal Names (SPNs) to associate the instance of a service with a sign-in account. An SPN is registered as an attribute of an AD account (computer OR user) usually when a service is installed (though it may also be set…

Tales from the Test

Red Shield

This is a recording of a presentation that I delivered at the Kentucky Office of Homeland Security’s Blue Team Summit – 2026 I walk through some real (and real serious) vulnerabilities uncovered during real penetration tests.

Malware Meltdown: MAFFIA

Blue Shield

Pros

I recently received some interesting malware attached to a phishing Email. This is always a great opportunity to do some basic (triage) malware analysis in order to get a general idea of the malware’s intent, capabilities, and how well our defenses are currently aligned with actual real-world threats. This time I decided to record the…

Keeping An “Eye” On Our Kids: Breaking the Child Exploitation Chain

White Shield

Joes, Pros

Recently I was afforded an opportunity to speak to a group of young ladies on the topic of Internet safety. The only problem was that I REALLY needed a refresher on the types of online threats young people are likely to encounter today. I did a ton of research for the presentation on a variety…

Getting Lost in the Cyber Threat Landscape: And Finding Your Way Home

White Shield

Pros

Every year we’re reminded that the cyber threat landscape is “changing”, “shifting”, “growing”, “ever evolving”, etc. If you’re like me, you spend a good amount of time researching the cyber threat landscape to stay informed. Unfortunately, also if you’re like me, you might go so deep researching the cyber threat landscape that you get kind…

Phishing Attacks & Defense: Understanding “Quishing”

Blue Shield

Joes, Pros

In this brief video you’ll learn about a form of phishing attack known as “Quishing”. Though this technique has been seen a handful of times in the past, recently it’s started gaining more traction and is on the rise. Get lifetime access to the full Phishing Attacks & Defense course.

The Top 5 Areas to Focus Your Cybersecurity Efforts (probably)

White Shield

Pros

I’ve got to give credit where credit is due and, in this case, it’s definitely due. Near the end of his excellent book: Ransomware Protection Playbook Roger Grimes rightly points out that the world of computer security defense is full of unranked lists. He’s also correct in implying that those of us who live in…

Microsoft 365 Threat Hunting Tool

Blue Shield

Pros

There are many tools and methods to conduct cyber threat hunting in a Microsoft 365 environment, but sometimes you just need a way to get some useful data that you can analyze quickly to answer that age old question “have we been hacked?”. In my opinion, Microsoft doesn’t make it easy to answer this question…

Living with “Lincoln Log Files”

White Shield

Pros

I actually remember the first time I saw Lincoln Logs. It wasn’t at my house. I had some great stuff as a kid, but some toys were just too expensive. I’ve never been able to understand why the most expensive toys are the ones that make YOU do the most work to enjoy them. Suffice it…

Exploring Cyber Soft Target Indicators (CSTIs)

Black Shield

Pros

“Soft Target” is a term used to describe a person, place, or thing that is relatively unprotected and vulnerable to attack. Terrorists, criminals, and otherwise unscrupulous individuals often look for “soft target indicators” when selecting a target (potential victim). Doing so helps an attacker assess the level of personal risk and weigh it against the…

Dissecting Disinformation & Misinformation

Gray Shield

Joes, Pros

Disinformation and Misinformation is rampant today…or is it? While these TERMS certainly seem to be rampant today many people being exposed to them (or in some cases even using them) aren’t exactly sure what they mean or know how to tell the difference between the two. In this brief video, we’ll take a look at…

Business Email Compromise Defense

Blue Shield

Joes, Pros

While Ransomware continues to dominate the headlines, Business Email Compromise (BEC/EAC) tops the list of financial losses (over $1.8 billion dollars) in the most recent FBI Internet Crime Complaint (IC3) report. This trend shows no signs of slowing down as BEC attacks continue to grow in number and effectiveness. If you are involved in processing financial transactions…

Phishing Attacks & Defense

Blue Shield

Joes, Pros

Phishing is one of the most common (and effective) forms of cyber attacks today. In this short video, we’ll examine some simple techniques that can be used (by technical and non-technical individuals) to better defend against phishing attacks. For an in-depth exploration of phishing attacks and how you can defend against them enroll in the…

Why Do We Even Have That Server?!

White Shield

Pros

Wow! What an end to a good (albeit frustrating) week! In between multiple engagements for several clients this week, I somehow managed to learn that “flowers are like a picnic for butterflies…” Yep, busy week but I still managed to get in all the bedtime stories with the kids! I’ve seen an interesting trend during…

Uhhhhh…what just happened? – Basic Macro Malware Analysis for I.T. Pros.

Blue Shield

Pros

Have you ever had something bad happen to you that was so quick, so unexpected, and so shocking that it left you asking “Uhhhh…what just happened?” I’ve actually experienced this on many occasions (and I’ve noticed an uptick since I got married). For example, I once made the “helpful” suggestion to my wife that it…

Seat Belts Save Lives…We Should Stop Using Them

White Shield

Joes, Pros

Sounds a bit crazy doesn’t it? Seat belts have been proven to significantly reduce the risk of death or serious injury in the event of a motor vehicle crash, and I’m recommending that we stop using them altogether? Why in the world would someone in their right mind make that kind of recommendation!? It’s simple,…

Quick Connection Info with ‘netstat’ (Linux)

Gray Shield

Pros

There are things in this world that will likely always be a mystery to me. For example, why are feminine hygiene products and toothpaste both stored in similar looking tubes? As both of these products are often found in bathrooms around the world it stands to reason that some poor guy (likely living in a…

Simple ICMP Host Discovery with Nmap

Gray Shield

Pros

The other day I needed to rapidly scan a range of IP addresses for hosts that responded to ICMP echo requests. I also needed the responding IP addresses to be in a simple list format (with a single IP per line). While there are many ways to do this I needed something quick (only had…

Sun Who? – Foundational Principles for a Stronger Cybersecurity Posture

White Shield

Pros

I recently attended a security symposium sponsored by some great agencies and organizations. One of the speakers really got me thinking about the foundational principles for a strong cybersecurity posture which inspired me to do some additional research and present my conclusions. My hope is that someone else might find these concepts useful in strengthening their…

MIT(R)M Attacks – Your middle or mine?

Red Shield

Pros

Recently (actually months ago now) my wife went out to see some friends from Church which left me with a couple of hours to kill at home (after I put the kids bed of course). I decided to use this opportunity to look for security vulnerabilities in the wireless router provided by my ISP. I…