We are thrilled to announce the latest release of Core Impact! Version 21.5 is packed with exciting features and improvements that provide a smoother and even more efficient user experience. Some of the new features include the option to use Impacket’s NTLMrelayx module to relay connections during an Active Directory attack, various coercion methods to trigger authentications into the relay...

When it comes to a security staple like penetration testing, we all have preconceived notions that make this practice seem quite challenging. The need to rotate vendors, interruptions to normal business, or even testers causing security risks are some that you often hear thrown around. But are they true? The short answer is no. In this blog, we’ll put these myths to rest and bring the truth about...

While it’s important to adhere to compliance regulations, blunders do happen. What does it mean when these blunders lead to you failing a cybersecurity audit, and how can you recover? Consequences of Failing a Cybersecurity Audit Failing a cybersecurity audit can mean several things. First, there’s the up-front legal fines that come with falling on the wrong side of compliance. Here are a few...

You may have heard that Core Security’s Core Impact is an enterprise-grade penetration testing solution that uses same tactics and techniques as real-world attacks. You may have heard that it’s automated and easy-to-use, so teams of any prior skill level can leverage the same advanced attacks. And you may have even heard that it can automate routine tasks as part of the overall engagement, so more...

Online banking is nearly universal in 2023. No more long lines at the credit union, late-night ATM trips, or waiting for a check to be cashed. Digital banking has revolutionized the financial industry and the way we do business as a whole. However, it has also indelibly increased the risk of cyberattacks, social engineering scams, and online compromise to the financial community. Here are some...

In The Importance of Layering Offensive Security Solutions, Fortra experts underscore the advantage of developing a single source offensive security tooling portfolio. Read on to find out the necessary ingredients for a proactive strategy and why Fortra’s ability to combine and maximize solutions optimizes security and produces the most effective outcomes. The Five Elements of an Offensive...

When school is out for summer, it seems like everyone is on vacation – everyone except your (un)friendly neighborhood cybercriminals. Something about the summer months puts us off our guard and threat actors on high alert. The only way to stay safe is to know what’s causing the trouble in the first place. We’ve packed our sunscreen – now read on to find out how to make sure your security also...

Cyber attacks may not have been around when Ben Franklin said, “By failing to prepare, you are preparing to fail,” but it has become an appropriate cybersecurity principle, nonetheless. So what does preparation involve and how are organizations ensuring that is integrated into their security strategy? One example is the TIBER EU Framework, a set of standardized red teaming procedures designed for...

Organized ransomware isn’t slowing down – in fact, a group just discovered a month ago is already responsible for dozens of attacks – and they are experts at discovering weaknesses we miss. With so many sophisticated new security tools and so much stack investment, how do we continue to play catch-up to roving ransomware groups? Because the reality is, we’re all prone to making mistakes. The 2023...