October is right around the corner, and that means National Cyber Security Awareness Month (NCSAM) is practically here too! We are excited to be a 2017 champion. Throughout NCSAM, we will post blogs that address weekly themes to further educate and spread awareness around important cyber security topics. The week one NCSAM theme focuses on “Simple Steps to… Read More
In our previous blog posts, we demonstrated how important it is for penetration testers to get credentials that grant administrative access over hosts within the organization to escalate their permissions. This week, we will discuss a relatively recent privilege escalation technique known as Kerberoasting, which pen testers and malicious hackers can use to crack weak network service account… Read More
Accessing Clear Text Administrative Passwords In our last blog post, we showed how pen testers can use misconfigurations within Active Directory group management to escalate privileges. However, that technique is heavily dependent on having access to privileged or misconfigured accounts in the first place. This week, we discuss another finding that we frequently take advantage of… Read More
October is National Cyber Security Awareness Month (NCSAM), which you can follow on Twitter using the hashtag #CyberAware, and we are excited to be a 2016 Champion! NCSAM was put together by the Department of Homeland Security and the National Cyber Security Alliance to help educate people on ways to improve their online safety and… Read More