The Coalfire Labs Blog

Welcome to the Coalfire Labs Blog, a resource covering the most important issues in IT security and compliance.  The Coalfire Labs blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • How I discovered CVE-2017-13707

    October 05, 2017, Michael Allen, Senior Consultant, Coalfire Labs

    New Vulnerability Found Using Techniques Taught at Black Hat USA

    One of the topics I teach in Coalfire's Adaptive Penetration Testing course, given most recently at Black Hat 2017, is manual privilege escalation on Linux- and Unix-based systems. I also talk about how common it is to gain an initial foothold in an environment by leveraging default or easily guessable login credentials. During a recent red team engagement, I leveraged both of these techniques – not only to fully compromise the organization's Active Directory environment, but also to discover and exploit a previously unknown vulnerability in the Replibit Linux distribution installed on a server on their network.

  • Black Hat 2017: training, cybersecurity trends and end-point protection

    August 03, 2017, Marshall England, Sr. Marketing Director, Technology & Cloud

    Every year, Black Hat is a highly anticipated event in the cybersecurity community—and Black Hat 2017 certainly did not disappoint! It was yet another year of record traffic, bustling with visitors from the security community that want to strengthen their security skills and postures. Organizations in the midst of digital transformations and digital native businesses alike sent security teams to learn about various tools and techniques to increase their knowledge of defense and breach prevention.

Top