Selective Kerberoast Prevention using DACLs
Kerberoasting is a rather in-vogue and effective attacker technique within Active Directory (AD) environments that was first popularized by Tim Medin in his 2014 talk “Attacking...
Impossible Travel
As physical offices have cleared out and VPNs and remote access solutions are maxing out, many IT security departments have a sudden new challenge: how to identify an attacker...
COVID-19: Staying Secure while Staying at Home
Large swathes of the workforce are navigating remote work for the first time as non-essential offices are mandated to close. While businesses quickly spin up the infrastructure...
Getting Shells with OpManager
TL;DR This post provides an example of how administrative access to a ManageEngine OpManager application allows [testers] to obtain command execution on underlying OS using the...
Domain Monitoring, Fast and Cheap
If you’ve ever tried to visit a website and mistyped the URL, it’s possible you’ve encountered a typosquatting domain. Typosquatting, formally defined, is a technique used by...
PDBlaster: Making Bread from Attacker Breadcrumbs
Introduction Malware developers often leave unintentional hints about their development practices, goals, and identities in the executables they publish. These breadcrumbs can...
Listen to the Cyber Kumite Podcast and Video Series
Each week we deliver new discussions about the cybersecurity industry, challenges, and best practices. CISOs and other security specialists join us to bring their insight on each topic.
Interested in what we do?
Explore our Advisory Services to learn how our team can help improve your cyber program.