Microsoft's Windows 11 requires TPM chips in order to upgrade.

Recently, Windows 11 was announced, and its features and requirements released. In a surprising move, Microsoft is requiring devices to have TPM chips in order to update to the newest version. A TPM is a Trusted Platform Medium chip. These are used to protect encryption keys and user credentials among other things. The goal behind requiring these chips is to help protect from ransomware and other modern attacks. Devices without a TPM can still upgrade, but they will either need workarounds or changes to the BIOS.

An article from The Verge covering this topic can be found here.

A list of compatible CPUs can be found here.

Comments

Using PGPy to encrypt and decrypt files and messages

PGPy is a library for python that enables the creation, storage, and encryption/decryption of PGP keys and files in python. Recently, in a small project to reacquaint myself with python, I used PGPy for key generation and encryption and decryption. That project can be found in my github at https://github.com/lpowell . The goal of the project was to use command-line switches to control the program, and to provide basic encryption and decryption capabilities, along with rot13 and base64 encoding. First, to load in a key use key, _ = pgpy.PGPKey.from_file(keyfilename) . This loads the key from either a binary or ASCII armored file. You can swap out .from_file for .from_blob , if you plan on using a key stored in a string or bytes object rather than a file. In my example code, I pull the key from a file, as I found it to be the simpler method. Next, you'll need to open a file or create a string or bytes object that contains the message you wish to encrypt. We'll cal...

Huntress CTF Challenge Writeups: HumanTwo: MoveIt IoC Analysis Challenge

HumanTwo: MoveIT IoC Analysis Challenge The HumanTwo challenge is a malware CTF from the 2023 Huntress CTF. This write-up walks through the initial discovery, de-obfuscation, and solving of the challenge. The actual flag will be redacted from the document, but interested parties should be able to follow the steps and derive it themselves. While the write-up assumes a base level of knowledge regarding the command line and Linux. Most tools and commands will be accompanied by short explanations. Step 1: Initial Analysis To start off, we are given an archive with 1000 files named after their file hash. The hint we are given is that there are minor differences between each file. We also know that HumanTwo relates to the MoveIT vulnerability and exploit. The easy way to progress is to look up articles that tell you about the vulnerability and what stands out in each exploit script. However, I didn’t do that, so I’ll put the process I followed down instead. First, because I knew that...

Huntress CTF Challenge Writeups: Hot Off the Press: A PowerShell Malware Challenge

I'm finally getting around to uploading these. My team and I had a blast doing the Huntress CTF and we learned quite a bit doing them! Formatting might be weird on some of these. They're copy/pastes from word docs. Hot off the Press: A PowerShell Malware Challenge Hot off the Press is a malware CTF challenge from the 2023 Huntress CTF. This write-up walks through the initial discovery, de-obfuscation, and solving of the challenge. The actual flag will be redacted from the document, but interested parties should be able to follow the steps and derive it themselves. While the write-up assumes a base level of knowledge regarding the command line, Linux, cryptography, and PowerShell. Most tools and commands will be accompanied by short explanations. This is a fun entry-level malware reversal challenge that is completable by all entry-level cybersecurity students with a little research. Step 1: File Discovery The file “hot_off_the_press” was given with the explanation that thi...

Blog.Bajiri

Search This Blog