
War Room

Shells from above


Blog

WMI & PowerShell for Offensive Security

January 24, 2022 By Kevin Randall

As a penetration tester, learning how to use a CLI (Command Line Interface) is a necessary skill as there are many times where an interactive interface such as Remote Desktop won’t be available. Starting with a standard command prompt for Windows (cmd.exe) is a great start. However, there are more advanced and feature-rich CLI interfaces. Two of which are WMI (Windows ...

Log4j/Log4Shell Basics – CVE-2021-44228

December 14, 2021 By Sean Renshaw

On December 9, 2021 it was widely announced that a zero-day vulnerability was identified and is already drawing the attention of cyber criminals. A lot has already been written across the internet about the most recent vulnerability in Java’s Log4j utility. We will do our best to keep this simple and to the point. If you develop your own applications using Java, you should be ...

Digital piracy through ransomware: A change in tides

November 29, 2021 By Sean Renshaw

Due to the tidal wave of ransomware attacks since 2018, the seas are changing, and the attackers are now becoming the attacked. A disparate group of entities have started to fight back against these modern-day pirates in an epic battle which will likely change how ransomware attacks are handled going forward. Years ago, digital pirates targeted healthcare and relatively ...

2021 Attack Vectors Report

October 20, 2021 By Daria Ryabogin

For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing to simulate attacks on internal networks and closely mimic security breaches within controlled environments. By conducting these ...

Russia’s new breadbasket is America’s Mid-West

September 30, 2021 By Todd Willoughby

The BlackMatter ransomware group, which claims to be the successor to the ostensibly, but possibly not so, retired threat actor groups REvil/DarkSide, has successfully breached an Iowa-based grain and farm services provider. The provider, which operates grain elevators, trades crops and provides other support to Iowa and surrounding farmers, says it has taken its systems ...

Counterfeit COVID-19 Cards? An Analysis of Vaccination Record Security

September 7, 2021 By Jonathan Slusar

The following article has been published exclusively with the intention of being used for education and training purposes. The author (Luke Labenski), War Room Blog, and RSM do not condone nor approve the usage of the information provided below for malicious purposes. Fraud and forgery are punishable by law and can be met with significant jail time as well as fines. It is ...

Identifying Credit Card Skimmers Using Linux’s “strace” Command

August 19, 2021 By Zach Burnham & John Melvin

RSM US LLP’s (RSM’s) digital forensics and incident response (DFIR) team recently worked a case where a client was informed that their website’s payment platform was suffering from an ongoing attack. Based on customer complaints and common point-of-purchase (CPP) notifications from issuing banks, the client feared that credit card information was being scraped from purchases ...

TSA cybersecurity directives: What pipeline companies need to know

August 4, 2021 By Ken Smith

After the Colonial Pipeline ransomware attack shut down the entire pipeline system for over a week, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) issued a directive requiring all pipeline companies to take immediate actions to mitigate cyber risks. The first cybersecurity directive was issued on May 27 and the follow-up directive was ...

The State of Ransomware

July 8, 2021 By AJ Hammond

Ransomware as a concept isn’t exactly bleeding edge. For years, cybercriminals have been using ransomware along with a variety of different attack vectors to compromise companies both big and small around the globe. What is new, however, is the recent uptick in the quantity and frequency of ransomware-based attacks. According to Verizon's 2021 Data Breach Investigations ...

Mapping Government Cybersecurity Initiatives to the NIST CSF

June 21, 2021 By Jonathan Slusar

On May 12, 2021, a press release was issued by the Biden Administration regarding intentions to improve the nation’s cybersecurity and protections for federal government networks. The press release cites recent incidents (e.g. SolarWinds and the recent Colonial Pipeline ransomware incident) as reminders that cybersecurity threats are constantly evolving. More recently, there ...


Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.