Juicy #SitecoreLunch today! Discussed:
👹 Trolls
✒️ Cursive writing
📦 Product naming
🍀 Peppermint Petty
⏳ Value of patience
💾 3-2-1 backup rule
🤵 New #Sitecore CEO
🏆 #SitecoreMVP value
🤖 AI vs. the #metaverse
🔐 #Windows11 and #BitLocker
❓ Future of #SitecoreCommunity
See you same time next week! 🥪🥗
I lost my ubuntu after windows update automatically turned on bitlocker in dual boot #dualboot #partitioning #windows #bitlocker
🚀 NEW on We ❤️ Open Source 🚀
HP Pavilion locked by BitLocker? @linuxnerd tackled it with open source tools, wiped the encrypted NVME with dd, and installed Fedora 41 KDE.
Read the full breakdown of this Linux rescue: https://allthingsopen.org/articles/how-to-install-linux-remove-bitlocker-encryption
Zur Freude des, angeblich mit #BitLocker geschützten, #Windows schnell noch in der Firmware das #TPM zurücksetzen …
ich kenn mich doch mit bitlocker nicht aus, bin mehr der Katzenmensch (LUKS). Wenn der oem vorinstallierte Rechner #bitlocker verschlüsselt ist, wo bekomm ich dann den Schlüssel her?
Anscheinend ist die Windowsinstallation, die auf dem Rechner schon drauf war, mit #Bitlocker verschlüsselt. Wie bekomm ich denn jetzt den Schlüssel für meinen Rechner?
Talking with the folks in the local #vintage / #retrocomputing community, they clued me in that the #ThinkPad #RAID is a steaming pile of 💩 and not worth the trouble.
🤷 Oh well. Thanks for cluing me in
So I swapped out the two testing #NVMe drives I was using and reinstalled the original sticks - to have #windoz10 demanding for the #bitlocker recovery key. 🤦♂️
Well, time to wipe & install #windoz11 then.
Install went fine, only 4 rando #drivers to find for all #devices to be recognized and working.
Using my #CTT scripts to install the majority of applications, then to remove the #spyware #bloatware and other garbage #micro$oft added to #windows11
Then migrate my #data from my other ThinkPad. Welcome to my #sunday #funday
#siliconValley #SillyValley #sanfrancisco #sanfran #sanfranciscocomputers #sanfrancomputers #sanfranciscovintagecomputers #sanfranvintagecomputers #sanfranciscovintagehardware #sanfranvin-tagehardware
#vintagecomputing #vintagecomputint #vintagecomputer #vintagecomputers #vintagecomputalk
#vintagehardware #computerHistory #retro #VCF #vintageComputerFestival
#retrocomputing #retroComputers #WallOfRetro #retroTech #retroTechnology
#nerdsOfVintage #happyNerding
#computer #tech #computerHardware #laptop #laptops
#IBM #thinkpad #thinkpads #VintageThinkPad #X86 #WindowsVista #IBMhardware #lenovoHard-ware #Thinkpadnium
#upcycle #restore #TechnologyRepair #ThinkPadRepair #WasteNotWantNot #Thinkpadnium
#makeShitMonday #showmewhatyougot
#Help #MaydayBonjour à tous, j'ai encore besoin d'aide, j'ai commencé à regarder par moi-même. Mais là c'est plus gros et je préfère prendre des avis plus experts sur #Windows et #BitLocker (ne me jeté pas la pierre, je passe à Linux avant octobre c'est promis). J'ai fait une erreur qui a été d'installé un nouvel antivirus sans désinstallé l'ancien. Résultat hier soir je suis tombé sur un #BlueScreenofDeath avec #BitLocker qui me demande un clé de récupération d'un compte que je n'ai pas…
How Attackers Exploit BitLocker: Turning Legitimate Tools into Ransomware Weapons
https://www.seqrite.com/blog/bitlocker-ransomware-attack-defense/
#Infosec #Security #Cybersecurity #CeptBiro #Exploit #BitLocker #Tools #RansomwareWeapons
📊 ОПРОС
Каким средствам криптографии вы доверяете?
#криптография #шифрование #VeraCrypt #BitLocker #FileVault #LUKS #PGP #GPG #OpenPGP #GnuPG #privacy #crypto #cryptography #encryption #InfoSec #ИБ #кибербезопасность #информационнаябезопасность
Tipp: druckt die #BitLocker-Schlüssel eurer #Windows-Festplatten aus und archiviert sie an einem sicheren Platz. Hier steht, wie's geht:
[Перевод] Обходим BitLocker и вытягиваем из памяти ключи в Windows 11
Введение В этой статье я покажу, как можно обойти шифрование BitLocker в Windows 11 (версия 24H2) и извлечь из памяти ключи шифрования тома (full volume encryption key, FVEK) при помощи моего инструмента Memory-Dump-UEFI. Краткая справка Если у нападающего есть физический доступ к устройству, то он потенциально может получить доступ, резко перезапустив компьютер и выполнив дамп ОЗУ из недавно выполнявшихся экземпляров Windows. Дамп памяти можно проанализировать, чтобы найти конфиденциальную информацию, например, ключи FVEK. Эта методика не работает гарантированно, потому что после отключения питания содержимое ОЗУ быстро деградирует. Существует множество методик замедления этой деградации памяти, например, физическое охлаждение ОЗУ или использование внешних источников питания с целью поддержания подачи энергии. Для своего демо я закоротил контакты сброса на материнской плате устройства, что заставляет систему резко отключаться без потери питания. Ещё одна потенциальная проблема заключается в secure boot — стандарте безопасности, который ограничивает то, что может выполняться при запуске системы. Эта защита имеет собственные ограничения, и ещё уже обходили при помощи shim и множества других способов, которые для нашего демо несущественны.
https://habr.com/ru/companies/sportmaster_lab/articles/886652/
@darkling @nicholasr @nixCraft in my opinion, I rather have a disk with #LUKS encryption than #NTFS #BitLocker
@darkling @nicholasr @nixCraft 😄 disk encryption is overrated: you can also make an encryption container of some sort where you can store you files, which needed encryption! #VeraCrypt it is called I beleeve.
It's also quite nice that on #Linux you can chóóse disk encryption or not! If I would want it on #Windows, I wouldn't want to have #NTFS or #BitLocker touching my files! I don't understand it -- on Linux it is just encrypted, asks your passphrase each time you start up you pc, and decryps.
As a follow-up to Full Disk Encryption for those moving from #Windows10, #openSUSE offers #FDE secured by TPM2 or FIDO2 for #BitLocker-like security. 🔐🛡️ #10isEnough #EndofWindows10 #UpgradetoFreedom today! https://news.opensuse.org/2024/09/20/quickstart-fde-yast2/
Bitlocker là gì? Lợi ích tuyệt vời khi bảo mật bằng Bitlocker
Trong bài viết, InterData sẽ cùng bạn khám phá một trong những công cụ bảo mật hiệu quả nhất của Microsoft – BitLocker. Chúng ta sẽ tìm hiểu về lý do BitLocker lại được đánh giá cao trong việc bảo vệ dữ liệu, các tính năng nổi bật mà nó mang lại, và cách thức hoạt động của nó. Cùng với đó, bài viết sẽ chỉ ra khi nào bạn nên bật hoặc tắt tính năng này để bảo vệ an toàn dữ liệu.
I’ve updated my bitlocker attacks list https://github.com/Wack0/bitlocker-attacks
The main addition here is documentation of “break out in hives” (CVE-2024-20666, nice) and its variant (CVE-2025-21213).
The most interesting thing here is that it’s technically still not fixed - the fix was only applied to the PCA2023-signed bootmgr_ex, so without the KB5025885 mitigations applied (and other default settings which nobody ever changes), you’re still vulnerable without even needing a downgrade attack for bootmgr.
(If you’re using TPM-only bitlocker, you really should be using legacy integrity validation - that is, Allow Secure Boot for integrity validation policy DISABLED with PCRs 0,2,4,7,11 set - legacy integrity validation was never vulnerable to these issues in the first place! This would imply bitlocker potentially going into recovery more often with windows updates, but it’s a choice between that and currently broken bitlocker vulnerable to various boot-time software issues combined with downgrade attacks)
The main issue here is that starting from Windows 10 (th1), the systemdatadevice element was added to winload; if present the SYSTEM hive is loaded from this block device instead of the (bitlocker encrypted) OS partition.
Therefore, the first (easiest) exploitation method was to pull a SYSTEM hive from boot.wim, modify it to set SYSTEM\Setup!CmdLine to cmd.exe, and set up the WinRE boot entry to use it; booting WinRE would then pop a SYSTEM shell with bitlocker keys derived and in memory.
The original fix just removed the systemdatadevice support from winload, but (at least in some cases) the older revisions of winload (for the same major Windows version) would still boot Windows successfully; thus the second exploitation method: configure BCD to load winload from somewhere else (downgrade attack), booting the bitlocker-encrypted OS with custom SYSTEM hive taken from install.wim - it turned out that without winpe also set, this corrupted the SYSTEM hive on the bitlocker-encrypted OS partition; also the Win32 subsystem would fail to load, but native code execution would still work when setting SYSTEM\ControlSet001\Control\Session Manager!SetupExecute. Therefore, I took the old Native Shell codebase, ported it to AMD64, and modified it to acquire SeRestorePrivilege and open files with FILE_OPEN_FOR_BACKUP_INTENT (so permission checks would be ignored, so it’s possible to do the sethc trick at this point).
ExtractBitlockerKeys: extrae automáticamente claves de recuperación de Bitlocker de un dominio #bitlocker #herramientas #red_team #windows
https://www.hackplayers.com/2025/02/extractbitlockerkeys-extrae-de-dominio.html
“My daughter’s personal computer, she uses for school work, came up with needing a BitLocker recovery password.”
Over the weekend I was contacted by a dad on the other side of the country trying to locate the BitLocker key. This is a very common problem. Microsoft’s position is, “Don’t worry, we store you BitLocker keys for you in your Microsoft account!” Microsoft’s attitude seems like: “I know you’re in water over your head, and you can’t swim, and you’re drowning and choking, but don’t worry, we have life preservers right here on the boat. Come get one!”
The reality is that many people have no idea what to do when faced with this challenge.
You must protect yourself. Get your BitLocker recovery key for every BitLocker device, and store it safely yourself. You can find information on how to get your recovery key by searching for “find my BitLocker recovery key,” or a similar phrase, using any search engine.
If you don’t want to do that, contact me, and I’ll help you get your BitLocker key(s) for a very reasonable fee.
