• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

Blog

Back to Basics: Kerberoasting

October 26, 2022 By RSM Author

Welcome back to our "Back to Basics" series, where we provide you with an overview of the bread and butter pentesting techniques that we regularly see compromise networks. In this week's installment, we're looking at Kerberoasting. Kerberoasting is a method to capture hashed passwords using the Kerberos network authentication protocol. This protocol protects network services ... READ MORE

Back to Basics: Microsoft Exploits

October 4, 2022 By Blaire Grassel

Often, software vendors such as Microsoft release security patches for their products. Instead of a full-scale upgrade, patches are smaller, targeted updates that address vulnerabilities discovered in the current version of the product. The vulnerabilities fixed by these patches are often critical issues that can be exploited by attackers to gain access to sensitive information ... READ MORE

What Recent Cyberattacks Teach Us

September 30, 2022 By Ryan Shockling

Cyberattacks have been in mainstream news again in recent weeks, as the hacker group Lapsus$ has launched several successful attacks against major companies. Recently, police in Oxfordshire arrested an unnamed seventeen-year-old known by the alias Tea Pot who has been credited as the one responsible for these notable attacks. For those familiar with common penetration testing ... READ MORE

Back to Basics: LLMNR and NBT-NS Spoofing

September 20, 2022 By Jonathan Slusar

After performing initial network reconnaissance and enumeration in a penetration test, there are a vast number of potential pathways into obtaining an initial foothold in a targeted network that can be overwhelming to a pen tester. One of the most basic, but tried and true initial attack vectors that I’ve seen utilized in penetration tests is performing Link-Local Multicast ... READ MORE

The easiest way to not get eaten is to at least try to not look like food: Critical asset considerations – Part 2

July 21, 2022 By Todd Willoughby

We are back! We didn’t go anywhere we have just been busy like everyone else. Today, we carry on my favorite miniseries of the best way to not get eaten is to not look like food; proverbially of course. Part 2 of this is regarding critical asset protections. This includes, but again not limited to, domain controllers and critical asset backups, business continuity planning, ... READ MORE

All quiet on the western front (for now)

July 14, 2022 By Sean Renshaw

Over 100 years ago, the Great War was being waged in what is now central and eastern Europe, along with Russia. During the “war to end all wars,” the world saw significant technology changes that brought new, and often terrifying, ways to inflict damage on people and countries. Fast forward to early 2022 and the Russia-Ukraine war, where we are seeing another wave of ... READ MORE

CVE 2022 30190 “Follina”

June 10, 2022 By Trevor Ryan

Have you ever had to download a Microsoft Word document from a co-worker, friend, family member? I know I have. Now imagine you think you receive a Word document from your boss titled “New Promotions/Raises”. Without thinking, you go to download and access the file, and then a weird window pops up about Microsoft Windows Diagnostic Tool. The document is blank, which is weird, ... READ MORE

CISA Issues Rare Directive Regarding VMware Exploits

May 19, 2022 By Jonathan Slusar

In a directive posted on May 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) declared that all Federal Civilian Executive Branch agencies were required to perform actions on several VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation vRealize Suite ... READ MORE

Lateral Movement with Low Privilege Shell for Red Teams

May 6, 2022 By Nicholas Hamm

After hours of OSINT (Open-Source Intelligence) and social engineering campaigns, your Red Team has finally obtained the coveted internal shell. The username, IP address, host and operating system information populates your (Command and Control) C2 framework interface, and a new stage of the engagement begins. But now that you have the shell, where do you go from here? Truth ... READ MORE

CVE and CVSS scores: Making Vulnerabilities Make Business Sense

April 29, 2022 By Nicholas Hamm

Computer

Late last year, news spread in the cybersecurity community about the zero-day Apache Log4j vulnerability. This vulnerability was somewhat unique—it was dangerous enough to warrant breathless news coverage, causing concern far outside of cybersecurity circles. RSM’s advice for organizations affected by the vulnerability was simply, “Drop everything and fix it. Now.” That level ... READ MORE

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Interim pages omitted …
  • Go to page 26
  • Go to Next Page »

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.9k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.