• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells From Above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

RSM Author

Back To Basics: NTLM Relay

January 4, 2023 By RSM Author

BacktoBasics NTLM Relay

Despite being a veteran protocol, New Technology Lan Manager (NTLM) remains one of the most common authentication protocols used in Windows environments. Even though Kerberos offers enhanced security features over NTLM, many systems and functions still depend on NTLM, making it impossible for most organizations to move away from it entirely. Unfortunately, there are a number ... READ MORE

Back to Basics: Brute Forcing Techniques

November 16, 2022 By RSM Author

During an attack, a threat actor can often enumerate leverageable information through open-source intelligence (OSINT) gathering techniques. This can include information on users that are present on the target environment, such as usernames and email addresses. Often, a threat actor can use this information to craft a targeted list of users to facilitate a variety of attack ... READ MORE

2022 Attack Vectors Report

October 27, 2022 By RSM Author

Attack Vectors Report 2022

For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing to simulate attacks on internal networks and closely mimic security breaches within controlled environments. By conducting these ... READ MORE

Back to Basics: Kerberoasting

October 26, 2022 By RSM Author

Welcome back to our "Back to Basics" series, where we provide you with an overview of the bread and butter pentesting techniques that we regularly see compromise networks. In this week's installment, we're looking at Kerberoasting. Kerberoasting is a method to capture hashed passwords using the Kerberos network authentication protocol. This protocol protects network services ... READ MORE

Back to Basics: Microsoft Exploits

October 4, 2022 By RSM Author

Often, software vendors such as Microsoft release security patches for their products. Instead of a full-scale upgrade, patches are smaller, targeted updates that address vulnerabilities discovered in the current version of the product. The vulnerabilities fixed by these patches are often critical issues that can be exploited by attackers to gain access to sensitive information ... READ MORE

CVE 2022 30190 “Follina”

June 10, 2022 By RSM Author

Have you ever had to download a Microsoft Word document from a co-worker, friend, family member? I know I have. Now imagine you think you receive a Word document from your boss titled “New Promotions/Raises”. Without thinking, you go to download and access the file, and then a weird window pops up about Microsoft Windows Diagnostic Tool. The document is blank, which is weird, ... READ MORE

Scam Calls and Manipulation: How to Recognize Suspicious Content

March 10, 2022 By RSM Author

The experience is almost universal—you notice an unknown, but not entirely unfamiliar number flash across your screen during your workday. Because the number shares an area code with your location, you assume that you’re finally receiving a follow-up from your mechanic, or your doctor’s office, or your banker. When you answer, the voice on the other end (often automated) ... READ MORE

2021 Attack Vectors Report

October 20, 2021 By RSM Author

For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing to simulate attacks on internal networks and closely mimic security breaches within controlled environments. By conducting these ... READ MORE

Identifying Credit Card Skimmers Using Linux’s “strace” Command

August 19, 2021 By RSM Author

RSM US LLP’s (RSM’s) digital forensics and incident response (DFIR) team recently worked a case where a client was informed that their website’s payment platform was suffering from an ongoing attack. Based on customer complaints and common point-of-purchase (CPP) notifications from issuing banks, the client feared that credit card information was being scraped from purchases ... READ MORE

Microsoft Exchange – CVE-2021-26855+

March 5, 2021 By RSM Author

On March 2, 2021, Microsoft released several security updates to address at least seven critical vulnerabilities in supported versions of on-premise Microsoft Exchange Server. These vulnerabilities were observed being used in limited targeted attacks; however, due to the critical nature and publication of these vulnerabilities, Microsoft released guidance that all customers ... READ MORE

  • « Go to Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Interim pages omitted …
  • Page 15
  • Go to Next Page »

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 11k views

  • Sophos UTM Home Edition – 3 – The Setup 10.9k views

  • Leveraging MS16-032 with PowerShell Empire 10.1k views

  • Bypassing Gmail’s Malicious Macro Signatures 9.9k views

  • How to Bypass SEP with Admin Access 9k views

Footer

  • Facebook
  • LinkedIn
  • Twitter
  • Tools
  • About
  • RSM US LLP

(312) 634-3400

30 S. Wacker Drive Suite 3300
Chicago, IL 60606

Copyright © 2025 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.