asteroza + account   59

When the manual is not enough – runas /netonly, Unexpected Credential Exposure and the Need for Reality Based Holistic Threat Models – Security Stuff
Bypassing privileged access workstation GPO rules by using a type 9 login. From a hygiene perspective though, if that user had restarted to clear memory stored credentials, it's not the end of the world if someone ran bloodhound?
DFIR  windows  account  remote  network  login  logon  runas  security  hacking  pentesting 
february 2019 by asteroza
Windows Server 2012: Group Managed Service Accounts | Ask Premier Field Engineering (PFE) Platforms
Quit running tasks as system, run them as NETWORK SERVICE or use these gMSA's if you have a 2012 AD domain
windows  AD  active  directory  security  privilege  delegation  limited  account  group  managed  service  scheduled  task 
november 2018 by asteroza
Dave Martorana
this does a more complete split of profiles to keep account profiles/cookie/data separate
firefox  browser  addon  plugin  extension  multiple  account  profile  privacy 
september 2018 by asteroza
Firefox Multi-Account Containers – Add-ons for Firefox
not full multi, but good enough for separating cookies and the like
firefox  browser  addon  plugin  extension  multiple  account  container  privacy 
september 2018 by asteroza
About Inactive Account Manager - Google Account Help
AKA deadman's switch, though the phone number bit is kinda bad if the trusted contact has no stable phone number...
inactive  account  manager  google  deadmans  switch  access  death  planning 
august 2018 by asteroza
Free Cloud Shell!
So apparently google provides you with a free debian 7 VM with 5GB persistent home directory (though if you disconnect any apps temporarily installed get blown away if not in $home) if you have a valid gmail account. Not quite raining shells but...
google  cloud  VM  debian  shell  account  security  hacking  pentesting 
january 2018 by asteroza
facebook/DelegatedRecoverySpecification: Allows an application to delegate the c...
Like Oauth for account recovery? Could be something good, could be something bad, we just don't know...
delegated  account  recovery  specification  security  facebook  github  Delicious 
april 2017 by asteroza
N26 - Banking by Design
Effectively a virtual bank, in that they have no branches, and interaction is via smartphone
online  mobile  bank  finance  service  banking  money  account  Delicious 
july 2016 by asteroza
Create your Google Account
So you can make a google account without a gmail account/address...
google  gmail  account  creation  tips  tricks  privacy  Delicious 
july 2016 by asteroza
My Account
Now with the ability to locate/ring your smartphone when you lose it.
google  account  settings  configuration  control  android  iPhone  smartphone  location  Delicious 
june 2016 by asteroza
The Deathrow OpenVMS Cluster
Need an account on a VMS server to play with? This seems to the ticket...
OpenVMS  VMS  free  open  cluster  account  freeshell  research  security  shell  Delicious 
august 2014 by asteroza
How it works - Accounts Help
Interesting 2 factor authentication via phone for google/gmail accounts
google  account  2  two  step  factor  authentication  verification  phone  SMS  PIN  online  security  gmail  iPhone  android  password  Delicious 
june 2011 by asteroza
Unix Root Access Control - Linux Sudo Access - Unix Privilege Management | PowerBroker Servers
Once invoked this records EVERYTHING root does, every keystroke. Which means if anyone manages to look at the logs they'll see passwords too. If you are cool with that (only look if something bad happened stance), this may not be a bad thing for a system accountability and logging solution. Beats manual change control entry...
Powerbroker  linux  sysadmin  administration  least  priviledge  account  keystroke  logging  monitoring  security  trust  accountability  server  audit  auditing  software  Delicious 
january 2011 by asteroza
Create an iTunes App Store account without a credit card
Apple given tricks to getting a US iTunes store account without a creditcard, to facilitate accessing the US iTunes and appstore from a foreign country (wink wink)
apple  iTunes  US  USA  account  creation  iPhone  appstore  howto  guide  tutorial  reference  credit  card  Delicious 
november 2010 by asteroza
Official Gmail Blog: Detecting suspicious account activity
I wonder why they stopped at general region? If they have a subscription to the MaxMind geoIP database, they can get some pretty accurate information in theory. Offer a drilldown link to see estimated location, with a note that the exact location is as accurate as the database (which could be pretty off if it is showing an ISP's corp HQ address). Maybe use some javascript feelers to try to detect reflector proxy usage when someone is trying to mask their IP/location (custom DNS queries/access, since DNS commonly leaks?)
google  suspicious  account  activity  geoIP  security  warning  gmail  Delicious 
march 2010 by asteroza

related tags

2.0  2FA  3DSEQ  access  accident  account  accountability  accounts  active  activity  AD  addon  address  addressbook  administration  administrator  alert  alternate  alternative  analytics  android  anonymity  app  apple  application  appstore  audit  auditing  authentication  automatic  avatar  AWS  Azure  bank  banking  bastion  BBS  blank  blocking  book  breach  browser  brute  budget  bulk  burner  bypass  CAD  card  check  checking  checkter  chrome  circumvention  clearinghouse  CLI  cloud  cluster  compliance  compromise  configuration  connection  console  contact  container  continuity  control  correlation  cracking  creation  credential  credit  data  database  deadmans  death  deathswitch  debian  Dekart  delegated  delegation  delete  deletion  Delicious  details  detection  development  device  devops  DFIR  directory  disable  disaster  domain  editor  email  emergency  endpoint  enrollment  enumeration  escalation  executable  expense  extension  facebook  facial  factor  failsafe  federated  filtering  finance  firefox  force  free  freeshell  GCP  geoIP  github  GKE  gmail  google  GP  Gpdisable  GPO  graph  gravatar  group  guide  hacking  hosting  howto  IAM  IMAP  IMAP4  inactive  information  international  iOS  IP  iPhone  itunes  japan  javascript  keystroke  kubernetes  LAPS  leak  least  limited  linking  linux  list  local  location  lockout  logging  login  logon  mac  maltego  malware  managed  management  manager  media  memory  MFA  microservice  microsoft  migration  mobile  money  monitoring  multi  multiple  network  non-admin  number  office365  online  open  opensource  OpenVMS  OSX  Ouath  owned  password  pentesting  personal  phone  picture  PIN  planning  plugin  plus  policy  POP3  Powerbroker  privacy  priveledge  priviledge  privilege  privledge  profile  program  programming  pseudoanonymity  pwned  python  RBAC  realtime  recognition  recon  recovery  reference  remote  removable  research  reset  restriction  reuse  risk  role  root  runas  scheduled  security  separation  server  service  session  settings  shell  SIM  smartcard  smartphone  SMS  SNS  social  software  solution  specification  SRP  ssyadmin  standalone  step  storage  store  suite  suspended  suspicious  switch  sysadmin  sysinternals  system  task  telephone  terminal  test  testing  throwaway  tips  token  tools  tracking  transfer  transform  trick  tricks  trust  tutorial  two  US  USA  usage  USB  use  user  utilities  validation  verification  video  vista  VM  VMS  warning  web  windows  xp 

Copy this bookmark: