The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘Security’ Category

Is it possible to deter AI scraping by providing overly large robots.txt?

Posted by jpluimers on 2024/11/18

An idea: [Wayback/Archive] Jeroen Wiert Pluimers: “@ruurd @mcc … Maybe place useful content below 500 KiB and serve a file at least 1 GiB size?…” – Mastodon

@ruurd @mcc probably not, although Google Search limits them to 500 KiB.

developers.google.com/search/d

“Google currently enforces a robots.txt file size limit of 500 kibibytes (KiB). Content which is after the maximum file size is ignored. You can reduce the size of the robots.txt file by consolidating rules that would result in an oversized robots.txt file. For example, place excluded material in a separate directory.”

Maybe place useful content below 500 KiB and serve a file at least 1 GiB size?

It was in response to these earlier toots (with quotes of some very interesting links on when cookies are (dis)allowed –  TL;DR: it depends on local regulations):

Posted in Antivirus, GDPR/DS-GVO/AVG, Power User, Privacy, Security
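
A check for the Google limit quoted in the post above, as an added example that is not code from the post or from Google: it reports which robots.txt rules a crawler that stops reading at 500 KiB would still parse and which it would ignore. The function names, the sample rules and the handling of a line that straddles the limit are assumptions.

```python
GOOGLE_LIMIT = 500 * 1024  # 500 KiB, the limit quoted above


def split_at_limit(body: bytes, limit: int = GOOGLE_LIMIT):
    """Split rule lines into (parsed, ignored) for a crawler that stops at `limit` bytes."""
    kept, dropped, offset = [], [], 0
    for raw in body.splitlines(keepends=True):
        offset += len(raw)  # byte offset just past this line
        text = raw.decode("utf-8", errors="replace").strip()
        if not text or text.startswith("#"):
            continue  # blank lines and comments carry no rules
        # Assumption: a line that straddles the limit counts as ignored.
        (kept if offset <= limit else dropped).append(text)
    return kept, dropped


def build_padded_robots(rules: str, total_size: int) -> bytes:
    """Constructed sample: real rules first, then comment padding to >= total_size bytes."""
    head = rules.encode("utf-8")
    pad_line = b"# " + b"x" * 77 + b"\n"  # one 80-byte comment line
    count = max(0, total_size - len(head)) // len(pad_line) + 1
    return head + pad_line * count


def audit(body: bytes, limit: int = GOOGLE_LIMIT) -> dict:
    """Summarise size and which rules survive the cut-off."""
    kept, dropped = split_at_limit(body, limit)
    return {"size": len(body), "over_limit": len(body) > limit,
            "parsed": kept, "ignored": dropped}


if __name__ == "__main__":
    # Constructed input: two rules up front, 600 KiB of padding, one late rule.
    sample = build_padded_robots("User-agent: *\nDisallow: /private/\n", 600 * 1024)
    sample += b"Disallow: /late/\n"
    report = audit(sample)
    print(report["size"], report["over_limit"])
    print("parsed: ", report["parsed"])
    print("ignored:", report["ignored"])
```

Run it against your own robots.txt bytes to confirm that no rule you rely on sits past the cut-off.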

How to Weaponize the Yubikey – Black Hills Information Security

Posted by jpluimers on 2024/11/12

I totally missed this back in 2019 when having the first belly surgery (that eventually would lead up to discovering I had already had rectum cancer at that time): [Wayback/Archive] How to Weaponize the Yubikey – Black Hills Information Security.

Luckily I got a reminder: [Wayback/Archive] jilles.com on Twitter: “/me the asshole that spoils the magic trick …” after [Wayback/Archive] yan on Twitter: “who’s excited for defcon next week”

Posted in 2FA/MFA, Authentication, Development, Hardware, Hardware Interfacing, Power User, Security, Software Development, U2F FIDO Security Keys, USB

On my list of things to try: Cisco Duo MFA

Posted by jpluimers on 2024/10/29

At the time of writing [Wayback/Archive] Two-Factor Authentication & Data Protection | Duo Security is supposed to be free for up to 10 users.

That seems to be an excellent opportunity to re-learn MFA things as it has been a while since I have done big work in that area.

Duo was one of the very many Cisco acquisitions and I wonder how it fits into the Cisco landscape.

Documentation bits to start at:

Posted in 2FA/MFA, Authentication, Development, Mobile Development, Power User, Security, Software Development, Web Development

Need to check out the Windows AutoLogonSID registry value and other autologon security features in Windows

Posted by jpluimers on 2024/10/16

On my list of things to look at via [Wayback/Archive] “AutoLogonSID” – Google Search:

Posted in Conference Topics, Conferences, Development, Event, Power User, Security, Software Development, Windows, Windows 10, Windows 11, Windows 7, Windows 8, Windows 8.1, Windows Development

The state of malware today: From Highly Obfuscated Batch File to XWorm and Redline – SANS Internet Storm Center

Posted by jpluimers on 2024/10/10

A very interesting read, which keeps me wondering how batch files like these are being generated (making them by hand feels very surreal): [Wayback/Archive] From Highly Obfuscated Batch File to XWorm and Redline – SANS Internet Storm Center

VirusTotal entry: [Wayback/Archive] VirusTotal – File – 453c017e02e6ce747d605081ad78bf210b3d0004a056d1f65dd1f21c9bf13a9a

The day after the article was written, only Kaspersky and ZoneAlarm detected it; in the past ZoneAlarm used the Kaspersky engine, but that stopped a while ago: [Wayback/Archive] ZoneAlarm Free Antivirus Review | PCMag.

The malware uses at least these technologies:

Posted in Antivirus, Batch-Files, Development, Power User, PowerShell, Python, Scripting, Security, Software Development, Windows Development

Thread by @troyhunt: the Internet Archive was breached, DDoSed and defaced – reset your passwords (it’s the same account as for their Wayback Machine)

Posted by jpluimers on 2024/10/10

was it a little more than a DDoS?

Despite messages that the Internet Archive and Wayback Machine were fully up again after the DDoS in the last few days (usually starting at around 20:00 UTC, lasting for hours at a time, but today at 10:00 UTC), and countermeasures against their password breach at the end of September and defacement yesterday, today they still had Wayback Machine archiving issues:

Posted in Internet, InternetArchive, Power User, Security, WayBack machine

Windows 10/11: Skip Security Questions When Adding Local User

Posted by jpluimers on 2024/09/30

Based on [Wayback/Archive] Windows 10/11: Skip Security Questions When Adding Local User, [Wayback/Archive] Remove Security Questions when setting up Local Account in Windows and others:

  • if during initial Windows 10/11 setup you add a user with a password, then it will ask you for 3 security questions
  • if you do not want these 3 security questions:
    1. leave the password blank when adding the user
    2. after first logon, press Ctrl-Alt-Del and change the password from blank to an actual password

Via [Wayback/Archive] windows 10 skip security questions – Google Search.

–jeroen

Posted in Authentication, Power User, Security, Windows, Windows 10, Windows 11

What’s inside the QR code menu at this cafe? – by peabee

Posted by jpluimers on 2024/09/27

This is why I do not trust ordering via QR-code: you never know how good (or usually bad, often even non-existent) their security is.

[Wayback/Archive] What’s inside the QR code menu at this cafe? – by peabee is a really bad example involving Google-backed DotPe: they have zero-auth and by now have rate-limited API access by IP address.

I went to a cafe near my home. I sat down and scanned the QR code on the table. It took me to a website displaying the cafe’s menu. It asked me for my name and Whatsapp mobile number. I entered the details and placed the order.

In 5 mins my order arrived at the table. There was no OTP verification, and no one came to confirm the order. Is this what the peak ordering experience looks like?

It was a slow workday, and I thought I might as well open this QR code website on my laptop and have a quick look under the hood. Maybe I should’ve just made my own coffee and stayed home because I didn’t realize I was opening a can of worms.

This kind of zero-auth is not infrequent: the Panels API and CDN were wide-open too: [Wayback/Archive] https://storage.googleapis.com/panels-api/data/20240916/media-1a-i-p~s

Posted in Authentication, Development, Infosec (Information Security), LifeHacker, Phishing, Power User, Security, Software Development

string – Check if MyString[1] is an alphabetical character? – Stack Overflow (and how Embarcadero broke one of the product version neutral redirects)

Posted by jpluimers on 2024/09/24

Quite a while ago [Wayback/Archive] string – Check if MyString[1] is an alphabetical character? – Stack Overflow asked by [Wayback/Archive] User Jeff was answered by [Wayback/Archive] Andreas Rejbrand:

The simplest approach is

function GetAlphaSubstr(const Str: string): string;
const
  ALPHA_CHARS = ['a'..'z', 'A'..'Z'];
var
  ActualLength: integer;
  i: Integer;
begin
  SetLength(result, length(Str));
  ActualLength := 0;
  for i := 1 to length(Str) do
    if Str[i] in ALPHA_CHARS then
    begin
      inc(ActualLength);
      result[ActualLength] := Str[i];
    end;
  SetLength(Result, ActualLength);
end;

but this will only consider English letters as “alphabetical characters”. It will not even consider the extremely important Swedish letters Å, Ä, and Ö as “alphabetical characters”!

Slightly more sophisticated is

function GetAlphaSubstr2(const Str: string): string;
var
  ActualLength: integer;
  i: Integer;
begin
  SetLength(result, length(Str));
  ActualLength := 0;
  for i := 1 to length(Str) do
    if Character.IsLetter(Str[i]) then
    begin
      inc(ActualLength);
      result[ActualLength] := Str[i];
    end;
  SetLength(Result, ActualLength);
end;

Back in 2011 I added a comment that for more than a decade would redirect to the most current documentation on the IsLetter method:

+1 for using IsLetter which checks the Unicode definition for being a letter or not [Wayback] docwiki.embarcadero.com/VCL/en/Character.TCharacter.IsLetter

Back then, Delphi XE2 was current, so it would redirect

  1. from [Wayback] http://docwiki.embarcadero.com/VCL/en/Character.TCharacter.IsLetter
  2. to [Wayback] http://docwiki.embarcadero.com/VCL/XE2/en/Character.TCharacter.IsLetter
  3. then to [Wayback] http://docwiki.embarcadero.com/VCL/XE2/en/Character.TCharacter.IsLetter
  4. ending at [Wayback] http://docwiki.embarcadero.com/Libraries/XE2/en/System.Character.TCharacter.IsLetter

After a long outage in 2022 (see “The Delphi documentation site docwiki.embarcadero.com has been down/up oscillating for 4 days is now down for almost a day.”) only the Alexandria help was restored.

This killed the above redirect.

Luckily [Wayback/Archive] George Birbilis noticed that and commented this:

@JeroenWiertPluimers the correct link now is: docwiki.embarcadero.com/Libraries/Alexandria/en/…

In order to refer to the most recent Delphi version, now you have to use [Wayback] http://docwiki.embarcadero.com/Libraries/en/System.Character.TCharacter.IsLetter.

This redirects:

  1. via [Wayback] http://docwiki.embarcadero.com/Libraries/Alexandria/en/System.Character.TCharacter.IsLetter
  2. to [Wayback] https://docwiki.embarcadero.com/Libraries/Alexandria/en/System.Character.TCharacter.IsLetter

The above breaks the help integration from older Delphi products which is bad. It is also bad because it makes it harder to port legacy Delphi code to more modern Delphi versions.

Hopefully the above gives you a bit of insight into how the docwiki help system was designed and what is left of that design.

–jeroen

Posted in Communications Development, Conference Topics, Conferences, Delphi, Development, Encryption, Event, HTML, HTTP, https, HTTPS/TLS security, Internet protocol suite, Power User, Security, Software Development, TCP, TLS, Web Development

Thread by @LetheForgot to @SwiftOnSecurity on Thread Reader App – Windows boot recovery

Posted by jpluimers on 2024/09/23

[Wayback/Archive] Thread by @LetheForgot on Thread Reader App:

What we did was use the advanced restart options to launch the command prompt, skip the bitlocker key ask which then brought us to drive X and ran “bcdedit /set {default} safeboot minimal” which let us boot into safemode and delete the sys file causing the bsod.

Not scalable at all but let us get vital systems running while we try to solve the bootloop en masse

Don’t forget to re-enable normal booting afterwards by doing the same but running “bcdedit /deletevalue {default} safeboot”

Just in case another event like the 2024 Crowdstrike debacle happens.

--jeroen

Posted in Encryption, Power User, Security, Windows