Popular entertainment would have us believe that hackers are all sophisticated attackers ready to strike the latest vulnerabilities. That is sometimes true, but it’s become increasingly apparent that whether it’s the latest zero-day bug or something that was discovered the same year Apple released the iPad, hackers are equal-opportunity offenders.    

CVE stands for Common Vulnerabilities and Exposures.  The CVE program is a reference list providing an id number, description, and instance of known vulnerabilities. The system has become the standard method for classifying vulnerabilities, used by the U.S. National Vulnerability Database (NVD) and other databases around the globe.

We’re ringing in the new year with the latest release of Core Impact ! Version 21.3 strengthens the connection between Core Impact and Cobalt Strike, amplifying the capabilities of both tools.

Ransomware and phishing are usually put in two separate categories when cyberattack methodologies are discussed.

In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise

In this series focusing on Active Directory attacks, we’re running through four different scenarios based on real penetration testing engagements that demonstrate the variety of techniques and tactics that can be used to compromise

Prior to launching a targeted attack against an organization, threat actors conduct thorough reconnaissance missions, gathering intelligence on employees, the infrastructure, and more. They want to know every possible inch of the attack surface to find every potential exposure before they make their move, using an array of tools and tactics to exploit vulnerable infrastructure.