During an attack, a threat actor can often enumerate leverageable information through open-source intelligence (OSINT) gathering techniques. This can include information on users that are present on the target environment, such as usernames and email ... READ MORE
Main Content
From the War Room Blog
2022 Attack Vectors Report
For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing ... READ MORE
Back to Basics: Kerberoasting
Welcome back to our "Back to Basics" series, where we provide you with an overview of the bread and butter pentesting techniques that we regularly see compromise networks. In this week's installment, we're looking at Kerberoasting. Kerberoasting ... READ MORE
Back to Basics: Microsoft Exploits
Often, software vendors such as Microsoft release security patches for their products. Instead of a full-scale upgrade, patches are smaller, targeted updates that address vulnerabilities discovered in the current version of the product. The ... READ MORE
What Recent Cyberattacks Teach Us
Cyberattacks have been in mainstream news again in recent weeks, as the hacker group Lapsus$ has launched several successful attacks against major companies. Recently, police in Oxfordshire arrested an unnamed seventeen-year-old known by the alias ... READ MORE
Back to Basics: LLMNR and NBT-NS Spoofing
After performing initial network reconnaissance and enumeration in a penetration test, there are a vast number of potential pathways into obtaining an initial foothold in a targeted network that can be overwhelming to a pen tester. One of the most ... READ MORE