Newsletter

by webmestre webmestre No Comments

Excellium services newsletter November 2018 The Ghosts in the Forest, part II

In the previous part of this newsletter, we had a look on various shenanigans an attacker can pull to achieve persistence in your infrastructure. Abusing windows permissions, either through direct group memberships, or by more subtle means such as the AdminSDHolder or SID history properties. We also had a quick peek at Windows authentication most famous attacks, the golden and silver tickets.
We are now going to venture deeper in the forest, and pursue this line of investigation on authentication.

Read more

by webmestre webmestre No Comments

Excellium services newsletter October 2018 The Ghosts in the Forest, part I

The Cyber Kill Chain, developed by Lockheed Martin, is probably the intrusion-based framework the most referred by cyber security players when it comes to describe the lifecycle of an attack. Red teams will often use it to plan their intrusion attempts, and to translate their hit-and-miss in their final story telling reports. Blue teams, on the other hand, will focus on each steps of the Kill Chain to implement specific counter-measures in an attempt to detect, thwart or at least slow down attacks at its different stages.

Read more

by webmestre webmestre No Comments

Excellium services newsletter September 2018 – Cloud Security: Threats and Risks

Cloud-based computing has increased in popularity over recent years, and the growth shows no sign of slowing. Although the expression ‘cloud’ is sometimes used vaguely, it has been precisely defined by NIST Special Publication 800-145. The definition includes five essential characteristics, three service models, and four deployment models. All five essential characteristics must be present for a set-up to be considered as cloud computing. This definition is widely accepted, including by the CSSF in Luxembourg (Circular 17/654).

Read more

by webmestre webmestre No Comments

Excellium services newsletter – may 2018 : Penetration test – Wi-Fi

Wi-Fi intrusion tests always begin with a limited target knowledge and without credentials to simulate an opportunistic attacker. They are simulating real attacks on the wireless network. The classical approach using key research and spoofing is currently limited by the technology itself, it is often asked in a second time to use a corporate workstation having a wireless access in order to enhance the attack scenario quality with a better knowledge of the target infrastructure.

Read more

Top