Penetration Testing

  • Abusing Unconstrained Delegation via Service Principal Name hijacking

    When conducting penetration tests, abusing delegation is one of my favorite attacks to conduct. Not only is it usually a quick and easy way to elevate privileges, but I often find that many clients do not fully understand the risks associated with delegation and perhaps more importantly, they don’t know how to detect it.

  • Are YOU Protected? Recent MOVEit Application Hack.

    The MOVEit application, a popular managed file transfer (MFT) solution developed by Ipswitch, was recently found to have vulnerabilities that threaten the security and confidentiality of the transferred data. The impact of this vulnerability can be severe, compromising the privacy and integrity of sensitive data. Organizations should take proactive measures to mitigate the risks and secure their file transfer operations.

  • Shadow IT and Rogue Applications

    Authored by Lindsay Timcke

    The last ten years have shown an unprecedented growth in application development and deployment. Presently there is pretty much an application for anything and everything you can imagine. From a corporate standpoint what this has led to is a dramatic increase in groups or even individuals within companies purchasing software that meets their department needs. Over time this application will grow in size and complexity while the user community and importance to the group for completing their daily tasks will also increase. From a compliance and audit standpoint the above introduces many points of concern.

  • Education Sector Being Targeted for Cyber Attacks

    Back to school apparently also applies to hackers. Educational institutions are currently being targeted for ransomware attacks. The FBI and the Cybersecurity & Infrastructure Security Agency (CISA) issued a warning on September 6, 2022 about the increase in ransomware attacks by the hacking group Vice Society. This group has been using compromised credentials to exploit internet-facing applications to gain access, explore the network, exfiltrate sensitive student data and deploy ransomware. In the past, we have seen this disruptive activity lead to everything from classes being cancelled and exams being delayed to schools being shut down permanently.

  • Gramm-Leach-Bliley Act (GLBA) Final Ruling Presentation

    What is included in the final GLBA rule published on October 2021? How might this impact you? When does the rule take effect? We will be presenting on the updated rule at the Higher Education virtual conference on 2/22/22. Here is the link if you are interested. 2022 Higher Education Virtual Conference : 2022 : […]

  • Build Your Own OSINT APIs for Pen Testers

    tend to rely heavily on open-source intelligence (OSINT) data sources and APIs. This blog post is all about the value of mining OSINT data ourselves, and shows how to index very large datasets for quick searches.

  • Preventing a Password Compromise

    Authored by Zoran Jovic

    Password compromise is one of the most serious threats organizations face today. Attackers are attempting to gain access to your credentials 24/7, and tailor many, if not most attacks with the main goal of gaining access to credentials. Once the attacker has a username and a password, they become an authenticated user with access to systems and applications! While it may be hard to expect you to never make a mistake, a combination of user awareness training and effective security controls can help minimize the risk of a compromise. Whether you already have implemented mitigating controls, or are just starting on your journey, CLA can help verify and enhance your security posture.

  • Web Application Security – API Data Exposure

    In this age of technology, APIs arguably have become the core essential piece of web-based services and applications. APIs are used to make “calls” or “requests” to send or receive information between two systems. Some APIs are utilized to transmit sensitive data, such as credit card numbers or medical information. It is important that organizations evaluate their applications to gain confidence that the APIs are secured and hardened.

  • Does Your Business Continuity & Disaster Recovery Plan Protect You In The Current Pandemic Environment?

    With the pandemic we have seen an increase in inquiry to assist with the development or review of business continuity plans (BCP) and Disaster Recovery plans (DRP). Business continuity focuses on your process for recovering critical functions, while disaster recovery is more narrow in focus and most times is a subset of your BCP.

  • CLA Cybersecurity Alert: Microsoft Email Server Attack Update

    On March 2, Microsoft first announced a series of vulnerabilities that enabled hackers to break into the company’s Exchange email, calendar programs, and in some cases integrated voice messaging. China — among others — has allegedly used this vulnerability to spy on a wide range of industries in the United States ranging from medical research to law firms to defense contractors.
