The Coalfire Labs Blog

Welcome to the Coalfire Labs Blog, a resource covering the most important issues in IT security and compliance.  The Coalfire Labs blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • The Death Metal Suite

    April 09, 2019, Victor Teissler, Security Consultant, Coalfire

    Intel Active Management Technology (AMT) is a feature provided by Intel for remote administration. If you happen to have a corporate laptop, odds are you too have AMT built into your system. To a sysadmin, AMT eases access to machines for the sake of assisting employees with technical issues, even if the hard drive has failed or been affected by ransomware. This is due primarily to the fact that AMT does not require a functioning operating system for accessibility. Its configuration and operating environment reside completely within its own dedicated hardware!

  • High-Power Hash Cracking with NPK

    March 21, 2019, Brad Woodward, Director, Coalfire Labs

    Password hashes are an everyday part of life in Coalfire Labs. Barring any other low-hanging fruit, it’s not uncommon for a penetration test to hinge on recovering a plaintext password from one of these hashes. Whether it’s NTLM hashes from Active Directory, NetNTLMv2 from Responder, WPA2 PMK from a wireless penetration test, or hundreds of other possible sources of hashes, recovering the original password has been a challenge for hackers for decades.

  • Enabling Clients to Cope with ASV Scans

    February 22, 2019, Marco Brown, Associate, CoalfireOne Scanning Services

    Gathering evidence, applying patches, and configuring your systems in preparation for submitting your vulnerability disputes can be a nerve-wracking and daunting task. To better enhance your understanding of the Approved Scanning Vendor (ASV) process, I’ve outlined some coping mechanisms and tools to use.

  • Compensating Controls: When Patching Isn’t an Option

    February 04, 2019, Steve Durham, Consultant, CoalfireOne Scanning Services

    Your software vendor is asleep at the wheel and your devs still need that legacy daemon.

  • The HOW, WHY, and HUH? Blog on Disputes

    January 30, 2019, Travis Finn, Consultant, CoalfireOne Scanning Services

    As you may know, performing vulnerability scans is a requirement for PCI DSS compliance. One of those specific requirements, described in section 11.2.2, states that quarterly external scanning must be done by a qualified Approved Scanning Vendor. Coalfire just so happens to be an ASV, so if you need these scans we would happily oblige!

  • Displaying results 1-5 (of 76)
     |<  < 1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10  >  >|