Making Cyber security simple – by Erez Kaplan Haelion

Step 1 – Understanding Admin rights More important: Who has them, and why they(you) don’t need them. Let's start at the very beginning: What exactly are Admin rights (or Admin privileges /Access)? Admin rights are the ultimate access to a given resource in a computerized environment. It means that the one that has Admin rights, can do whatever he wants with that specific resource. A resource on a computer can be a lot of things, for example, it can be a file (doc, spreadsheet and similar), a folder, a program/application/game/ configuration changes and it can even be the Computer itself. A resource on a Network can be all of the above, plus it can also be a trillion more things, a minor example can be: Network folders, files or shares, database, apps, web apps, printers, cameras, camera server…. and so much more, as much as you can imagine. Everything in the computer world every object, has an access right: when you interact with an object, the level of rights...

Mimikatz - What is it and what can you do against it ? Mimikatz is a self-exploitation tool designed mainly to steal a password. But nothing is as simple as it sounds because it doesn’t really steal passwords, it steals authentication Tokens\Tickets or password hashes. Sound baffling? Actually, it’s a lot simpler than it sounds. It is a common misconception to think that in order to gain access to a certain resource on a computer or a network, all you need is the username and password that allows you access to that specific resource. In theory that is correct, but in the background something completely different is happening. In order to gain the desired access, you need the correct key, and the correct key is what happens after you punch in your password. Let me explain: In order to prevent the stealing of the password by various mechanics, the password is never stored as it is. Instead, it is stored as Hash: a mathematical function that changes the password into...

Making Cyber Security Easier, Simpler and More Secure by Erez Kaplan -Cyber 2.0 CTO In this blog, I will take the complicated world of Cyber Security, and strip it down to its bare essence, while helping you make your network more secure. When necessary, I will delve into the depths and mechanics of new and intriguing attacks, and the ways of defending against them. If you want me to write about a specific Subject, Or have a specific question you want answered. Please write it in your comments, And I will do my best to answer. Best Regards Erez Kaplan Haelion Cyber 2.0 - CTO www,cyber20.com