Tag Archives: Security

How to change a (domain) password on a Windows 2012 server

Security

When logged on to a Windows 2012 server through an RDP through another RDP connection on an Apple laptop, changing the password can be a challenge, especially if the account on this 2012 machine is not the same as on the machine you used to connect to the 2012 machine (try saying that sentence 5 times in a row).

So you’re logged on to a Windows 2012 server and you need to change the password of the actual account you’re using at that moment.

Click on the windows flag in the lower left of the screen and type this Powershell command:

Powershell -noprofile -nologo -noninteractive -command “(new-object -ComObject shell.application).WindowsSecurity()”

It doesn’t look pretty, but since I cannot find any alternative, it’s the best I can do.

It works!

Why securing devices using your fingerprint is not safe

fingerprint

Think about it: fingerprints are unique. Everybody has them and every one of them is unique, so it’s a secure way to prove your identity, right?

WRONG!

We all thought that passwords were easily hackable, if not by guessing, by brute force attacks. And we all know the “difficult” passwords: P@$$w0rd123 and 3AsyD03s1T. As if hackers are stupid! They’re not! Believe it or not, but these so called encrypted, but still “readable” passwords are easy to guess, just like your dog’s name and your mother’s birthday. I mean, a dog’s name is Bello, Spot, Rex, Fluffy or a dozen other names and as for birthdays: we only have to try every date since 1-1-1900, which is roughly only 115 x 365 = 42,000 dates which are there to try.

Read more »

Tracking the FREAK Attack

Now what? Yet another vulnerability exposed?

On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. This site is dedicated to tracking the impact of the attack and helping users test whether they’re vulnerable.

At the moment it seems that only Firefox is safe to use! And needlessly to say that you should ALWAYS be aware of unsafe content. Try not to click anywhere unless you really trust the website!!!

The FREAK attack was discovered by Karthikeyan Bhargavan at INRIA in Paris and the miTLS team. Further disclosure was coordinated by Matthew Green. This report is maintained by computer scientists at the University of Michigan, including Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. The team can be contacted at freakattack@umich.edu.

For additional details about the attack and its implications, see this post by Matt Green, this site by the discoverers, this Washington Post article, and this post by Ed Felten.

Please visit this website to find out more about the vulnerability of your browser or website: https://freakattack.com/

 

Source: https://freakattack.com/