Active Directory is often considered the holy grail for cyber attackers, and for good reason. Once they have control of this critical asset, they essentially have the keys to the kingdom and can easily access, create, or modify any of the main accounts, including trust relationships and domain security policies. Despite best efforts and intentions, Active Directory may be far more at risk than we would like. But how can you better protect this essential asset? Perhaps the best way to start is to understand exactly how attackers are successfully accessing it in the first place.
Software for Adversary Simulations and Red Team Operations
Making a decision on a new cybersecurity tool is never easy—particularly when it’s unclear how rival products compare. It’s tempting to simply type “product vs. product” into Google and see if one stands out as the clear favorite. However, sometimes you can find that two products have been mistakenly grouped together and aren’t actually in competition, but rather, they are in separate categories.
Due to the nature and power of these tools, we are required by the U.S. Government to complete a thorough vetting process with all users of the software to ensure security. You will be contacted by a Core Security representative shortly to begin this process.
Advanced Bundle Overview
Swiftly advance your cybersecurity program with this security testing bundle that features both an advanced penetration testing tool, Core Impact, and Cobalt Strike, threat emulation software intended for advanced adversary simulation and Red Team engagements.
In The New Normal in Cybersecurity Part 1, we examined three leading trends in the cybersecurity community over the past year. In this installment, we will take a look into the future and make predictions about where the cybersecurity landscape is potentially headed in 2022 and beyond.
The past year has shown organizations that uncertainty and a transformed reality are the new normal in business. While remote work was intended as a temporary response to the global pandemic, it is now considered a regular part of the business environment—fundamentally altering the way companies operate. This means organizations have had to respond in real-time to shift their cybersecurity strategies and keep up with an expanding IT infrastructure, the explosion of IoT devices, and a new wave of threats from more sophisticated attackers.
This post focuses on creating Cobalt Strike Beacon Object Files using the MinGW compiler on Linux. We will discuss several ideas and best practices that will increase the quality of your BOFs.
Flexibility
Compiling to Both Object Files and Executables
While writing a BOF is great, it’s always worth making the code compile to both BOF and EXE.