After performing initial network reconnaissance and enumeration in a penetration test, there are a vast number of potential pathways into obtaining an initial foothold in a targeted network that can be overwhelming to a pen tester. One of the most basic, but tried and true initial attack vectors that I’ve seen utilized in penetration tests is performing Link-Local Multicast ... READ MORE
CISA Issues Rare Directive Regarding VMware Exploits
In a directive posted on May 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) declared that all Federal Civilian Executive Branch agencies were required to perform actions on several VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation vRealize Suite ... READ MORE
Counterfeit COVID-19 Cards? An Analysis of Vaccination Record Security
The following article has been published exclusively with the intentions of being used for education and training purposes. The author (Luke Labenski), War Room Blog, and RSM do not condone nor approve the usage of the information provided below for malicious purposes. Fraud and forgery are punishable by law and can be met with significant jail time as well as fines. It is ... READ MORE
Mapping Government Cybersecurity Initiatives to the NIST CSF
On May 12, 2021, a press release was released by the Biden Administration regarding intentions to improve the nation’s cybersecurity and protections for federal government networks. The press release cites recent incidents (e.g. SolarWinds and the recent Colonial Pipeline ransomware incident) as reminders that cybersecurity threats are constantly evolving. More recently, there ... READ MORE