• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation

Uncategorized

All quiet on the western front (for now)

July 14, 2022 By Sean Renshaw

Over 100 years ago, the Great War was being waged in what is now central and eastern Europe, along with Russia. During the “war to end all wars,” the world saw significant technology changes that brought new, and often terrifying, ways to inflict damage on people and countries. Fast forward to early 2022 and the Russia-Ukraine war, where we are seeing another wave of ... READ MORE

CISA Issues Rare Directive Regarding VMware Exploits

May 19, 2022 By Jonathan Slusar

In a directive posted on May 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) declared that all Federal Civilian Executive Branch agencies were required to perform actions on several VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation vRealize Suite ... READ MORE

Lateral Movement with Low Privilege Shell for Red Teams

May 6, 2022 By Nicholas Hamm

After hours of OSINT (Open-Source Intelligence) and social engineering campaigns, your Red Team has finally obtained the coveted internal shell. The username, IP address, host and operating system information populates your (Command and Control) C2 framework interface, and a new stage of the engagement begins. But now that you have the shell, where do you go from here? Truth ... READ MORE

CVE and CVSS scores: Making Vulnerabilities Make Business Sense

April 29, 2022 By Nicholas Hamm

Computer

Late last year, news spread in the cybersecurity community about the zero-day Apache Log4j vulnerability. This vulnerability was somewhat unique—it was dangerous enough to warrant breathless news coverage, causing concern far outside of cybersecurity circles. RSM’s advice for organizations affected by the vulnerability was simply, “Drop everything and fix it. Now.” That level ... READ MORE

Scam Calls and Manipulation: How to Recognize Suspicious Content

March 10, 2022 By Daria Ryabogin

The experience is almost universal—you notice an unknown, but not entirely unfamiliar number flash across your screen during your workday. Because the number shares an area code with your location, you assume that you’re finally receiving a follow-up from your mechanic, or your doctor’s office, or your banker. When you answer, the voice on the other end (often automated) ... READ MORE

Wi-Fi Security and Design Considerations

March 9, 2022 By Kevin Randall

  When wireless networks are created and designed in the modern enterprise, security for these networks is necessary, but so is ensuring the business requirements are aligned. Everything from antenna placement, conducting site surveys, antennas used, supported cipher suites, authentication protocols, and the EAP type used can all play a role in the security of a ... READ MORE

The easiest way to not get eaten is to at least try to not look like food: Hardening attack surfaces – Part 1

January 27, 2022 By Todd Willoughby

This will be a miniseries of posts; this is part 1 of 4. I was advised by a leader long ago in my consulting career to never do “Free Consulting.” I still strongly believe in that sentiment today, but there is also a part of me that wants to give back to the community, and this post is my and RSM Defense’s way of doing so. I also strongly believe that in 2022, threat actor ... READ MORE

Log4j/Log4Shell Basics – CVE–2021–44228

December 14, 2021 By Sean Renshaw

On December 9, 2021 it was widely announced that a zero-day vulnerability was identified and is already drawing the attention of cyber criminals. A lot has already been written across the internet about the most recent vulnerability in Java’s Log4j utility.  We will do our best to keep this simple and to the point.  If you develop your own applications using Java, you should be ... READ MORE

2021 Attack Vectors Report

October 20, 2021 By Daria Ryabogin

For many years, RSM has made a continuous effort to assist organizations in addressing cybersecurity challenges, provide tools to achieve a desired state of security, and deliver guidance for attack prevention. We perform security penetration testing to simulate attacks on internal networks and closely mimic security breaches within controlled environments. By conducting these ... READ MORE

Counterfeit COVID-19 Cards? An Analysis of Vaccination Record Security

September 7, 2021 By Jonathan Slusar

The following article has been published exclusively with the intentions of being used for education and training purposes. The author (Luke Labenski), War Room Blog, and RSM do not condone nor approve the usage of the information provided below for malicious purposes. Fraud and forgery are punishable by law and can be met with significant jail time as well as fines. It is ... READ MORE

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.8k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.