Cyber Security Awareness and Vulnerabilities Blog
An IBM i Hacking Tale
Mar 21, 2023
So why are we talking about hacking of an IBM i? I think that's certainly not a headline we see very often, as IBM i systems have been considered un-hackable for years. Anyone who has worked on IBM i has heard some of these statements:
Image

Vintage Vulnerabilities: New Attacks Can Exploit Old Weaknesses
Mar 6, 2023
Popular entertainment would have us believe that hackers are all sophisticated attackers ready to strike the latest vulnerabilities. That is sometimes true, but it’s become increasingly apparent that whether it’s the latest zero-day bug or something that was discovered the same year Apple released the iPad, hackers are equal-opportunity offenders.
Image

Hardware Call Stack
Mar 2, 2023
Lately, there has been an important increase in the relevance of valid call stacks, given that defenders have started to leverage them to detect malicious behavior. As several implementations of “Call Stack Spoofing” have come out, I decided to develop my own, called Hardware Call Stack.
Image

How to Prevent Supply Chain Attacks
Feb 1, 2023
The worst thing about supply chain attacks is that the breach is not entirely your fault. Simply by trusting in software and services provided by a third party, they open the door to attack. Attackers look for a softer target in the supplier, gaining access they hope to leverage into more significant attacks.
Image

What is a Supply Chain Attack and How Can Organizations Defend Against Them?
Jan 19, 2023
Supply chain attacks were responsible for 62% of system intrusion incidents, according to Verizon’s 2022 Data Breach Investigations Report. This type of attack is one of the most effective ways to compromise organizations because it targets the weakest link in the security chain. Supply chain attacks usually begin by compromising a supply chain partner, such as a developer, distributor, or supplier.
Image

Understanding CVE Ranking and the Top CVEs
Jan 11, 2023
CVE stands for Common Vulnerabilities and Exposures. The CVE program is a reference list providing an id number, description, and instance of known vulnerabilities. The system has become the standard method for classifying vulnerabilities, used by the U.S. National Vulnerability Database (NVD) and other databases around the globe.
Image

Core Impact Updates: New Version Release and Impacket
Jan 10, 2023
We’re ringing in the new year with the latest release of Core Impact ! Version 21.3 strengthens the connection between Core Impact and Cobalt Strike, amplifying the capabilities of both tools.
Image

What is the Relationship Between Ransomware and Phishing?
Jan 9, 2023
Ransomware and phishing are usually put in two separate categories when cyberattack methodologies are discussed.
Image

A Spotlight on Cybersecurity: 2022 Trends and 2023 Predictions
Dec 14, 2022
In 2022, geopolitical unrest and an expanding online attack surface contributed to the emergence of several themes across the cyber landscape. Infrastructures associated with opposing ideologies were highly targeted, with government agencies, supply chains, and IOT devices falling victim to high-profile campaigns. Cybercriminals launched increasingly advanced attacks on vulnerable entities, with DDoS, ransomware, and hacking for a cause all consistently making headlines.
Image

Use Multifactor Authentication in Your Self-Service Password Reset
Nov 22, 2022
The Problem with Security Questions
Whether it’s an IT admin helping an employee gain access to their accounts or an employee attempting to change their password, authentication is required to prove that the person attempting to perform that action is indeed who they say they are. In the past, many teams have felt comfortable relying solely on the use of security questions to carry out that authentication. However, this approach has its shortcomings:
Image

Active Directory Attack Scenarios Part 3: Deserializing Your Way In
Nov 8, 2022
In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise
Image

Active Directory Attack Scenarios Part 2: Going Beyond Domain Admin
Nov 4, 2022
In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise
Image

How Offensive Security Enhances Visibility Into Potential Threats
Oct 18, 2022
Prior to launching a targeted attack against an organization, threat actors conduct thorough reconnaissance missions, gathering intelligence on employees, the infrastructure, and more. They want to know every possible inch of the attack surface to find every potential exposure before they make their move, using an array of tools and tactics to exploit vulnerable infrastructure.
Image

Active Directory Attack Scenarios: The Path from Printer to Domain Admin
Sep 22, 2022
Active Directory is an essential application within an organization, facilitating and centralizing network management through domain, user, and object creation, as well as authentication and authorization of users. Active Directory also serves as a database, storing usernames, passwords, permissions, and more. Active Directory is a perfect example of a technological double-edged sword. While such a centralized application can streamline IT operations, it does also make for an irresistible target for attackers.
Image

Intelligence Gathering - The Foundation of a Good Penetration Test
Sep 19, 2022
Penetration testing is more than a bunch of ex-hackers in hoodies attempting to break into an organization that hired them. It is a carefully planned and organized engagement that probes and tests a defined piece of an organization's IT infrastructure for potential flaws. Without good intelligence to work from, testers cannot efficiently conduct their attacks, leaving potentially unidentified gaps in an organization’s defense.
Image

4 Steps to Take Following a Pen Test
Aug 3, 2022
Congratulations! You’ve just completed a penetration test. So what now?
Image

Going on the Offensive: Federal Agencies Must Move from a Reactive to Proactive Security Approach
Jul 27, 2022
Modern threat actors and the condition of today’s threat landscape are forcing the collective hand of cybersecurity to go on the offensive -- and federal agencies are no exception. As cyber attackers grow increasingly adept at identifying and exploiting infrastructure weaknesses, they will opt for the path of least resistance. Therefore, agencies with a security posture that goes beyond traditional cyber defenses will fall farther down the list of attack targets -- but they will still be targeted.
Image

Core Impact Helps Secure PCI DSS v4.0 Requirement 11
Jul 26, 2022
The Payment Card Industry Data Security Standard (
Image

Core Impact Updates: Python Agents and OWASP Top 10
Jul 11, 2022
Though we have a new release planned for later this year, we’ve made some updates to Core Impact that we just couldn’t wait to release and share! First, we have a new agent written in Python to expand its use to different environments and further enhance its flexibility. Additionally, we’re staying on top of the latest threats by updating to the latest OWASP Top 10 list, making web application tests even more effective.
Image

Are You Ready for a Penetration Test?
May 26, 2022
The phrase “you’ve got to walk before you can run” is something that we’ve all heard and rolled our eyes at least once in our lives after we’ve attempted an advanced skill before mastering the basics. The saying is unfortunately very accurate when it comes to cybersecurity.
Image

Core Impact Introduces Ransomware Simulation
May 16, 2022
Once upon a time, it was often necessary to define the term “ransomware” as it was frequently met with questioning looks and the need for clarification. Nowadays, you can hardly go a day without hearing about some sort of attack. What has made ransomware such a pervasive threat, and how can organizations learn to better protect themselves?
Image

What is OWASP?
May 3, 2022
The cybersecurity world has so many acronyms, and yet we pretend to know what all of them are. However, there are many occasions that leave us wracking our brains, trying to remember what one stands for. Is it a product? An organization? A process? One acronym that everyone should know is OWASP—the Open Web Application Security Project.
Image

Overcome These 3 Challenges to Achieve SIEM Success
May 3, 2022
Security Information and Event Management (SIEM) solutions can take much of the tedium and guesswork out of monitoring, managing, and prioritizing critical security events. That’s why increasing numbers of cybersecurity professionals are embracing SIEM.
Image

The Importance of Penetration Testing for Cloud Infrastructures
Apr 7, 2022
With cybersecurity threats perpetually looming, many organizations have come to rely on penetration testing to assess their security stance and uncover weaknesses. According to the 2022 Pen Testing Report, 85% of respondents reported they pen test at least once a year.
Image

Pen Testing in Different Environments
Apr 7, 2022
As security threats persist, cybersecurity professionals are increasingly relying on penetration testing to uncover weaknesses and assess their security stance. According to the 2022 Pen Testing Report, 96% of respondents reported pen testing was at least somewhat important to their security posture.