Hello, welcome to the Wednesday, February 6, 2019 edition of the Sandcent Storm Center's Stormcast.

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

If you have been in security for a while, you probably heard of Mimicats.

Mimicats is a great exploit tool that allows you to get passwords out of memory

and password hashes and the like that the operating system may use to authenticate.

Of course, once an attacker has this data, they can then use it in order to impersonate various

users. This technique is probably the favorite thing to impersonate various users.

This technique is probably the favorite thing to do for an attacker after the initial access

to a system on your network and defending against these Mimicats attacks should be a high

priority.

Rob's diary today goes over a number of different methods that you can use

in order to block this attack. Now, the problem here is a little bit the way Rob puts it's a

cat and mouse game between good guys, bad guys in that there are more than one way to actually get these credentials out of memory.

So you have to be really careful that you're up to date on your protections.

So take a look at Rob's right up and see if there's anything that you forgot in your environment.

In the open source office suite world, there are really two very similar products that you often see in Linux environments.

Open Office, which originally came out of Sun, but is currently being maintained by the Apache Foundation, and Libra Office, which sort of split

off open office during the time when it was owned by Oracle after Oracle acquired Sun.

But overall, Libra Office, open office tend to be somewhat similar even though they have diverged

a little bit over the last couple years.

Well, one important problem now why you may want to consider using Libra Office instead of

open office aside from politics like who exactly owns the code and what open source license is being applied

...