• A Good Shell Is Hard to Choose

    March 26, 2018, Killian Ditch, Senior Consultant, Labs

    I had the recent opportunity to speak at BSides SLC, held on the Sandy campus of Salt Lake Community College. I tailored my presentation to the student demographic and chose to talk about one of the fundamental concepts that a penetration tester must understand: types of shells. I touched on the differences between simple shell interaction and a full-featured terminal and then launched into a discussion focusing on web shells. Following the theory conversation, I demonstrated how control over a server could be established by exploiting a file inclusion vulnerability and default credentials to deploy two different web shells, each adapted for the particular platform.

    Read more
  • On Padding Oracle Attacks

    March 22, 2018, John Stickle, Security Consultant, Coalfire

    Poodle is a vulnerability found in late 2014, and it is still occasionally seen during penetration tests. The vulnerability allows an attacker with a man-in-the-middle position to downgrade a secure connection between a client and a server to the vulnerable SSLv3. After the connection is downgraded, the attacker can proceed to perform the padding oracle attack, recover known plaintext, and decrypt the ciphertext.

    Read more
  • Takeaways from GAM 2018: Internal Audit Embraces Cybersecurity

    March 21, 2018, Nick Son, Vice President, Cyber Risk Services, Coalfire

    Last week, the Institute of Internal Auditors (IIA) held its 2018 Global Audit Management Conference at the Aria Resort in Las Vegas. With over 1,700 attendees, this was the most well-attended event in the history of the conference. Coalfire was one of the sponsors, and we were delighted to meet with so many forward-thinking audit executives and practitioners.

    Read more
  • Icebreaker: Chip Away at Active Directory Passwords, Automatically

    March 16, 2018, Dan McInerney, Senior Security Consultant, Coalfire

    To break the ice with Active Directory and shorten the cycles penetration testers spend on cracking passwords, I developed Icebreaker, a tool that automates network attacks against Active Directory and provides plaintext credentials. Icebreaker performs five network attacks in order...

    Read more
  • Managing Your Vulnerabilities, FedRAMP Style

    March 12, 2018, Dana Scaffido, Senior Consultant, Cyber Engineering, Coalfire

    As a member of Coalfire’s Cyber Engineering team, I frequently get questions about vulnerability Deviation Requests (DRs) from Cloud Service Providers (CSPs) seeking Federal Risk and Authorization Management Program (FedRAMP) authorizations. In this post, I’ll try to answer questions we frequently encounter about Deviation Requests and provide some useful resource links.

    Read more
  • Highlights from the HITRUST Third-Party Assurance Summit

    March 07, 2018, Andrew Hicks, Managing Principal, Coalfire

    The HITRUST TPA Summit brought together experts representing customers, vendors, and assessor firms in various aspects of risk management to share best practices, lessons learned and effective third-party risk management strategies leveraging the HITRUST CSF Assurance Program and HITRUST Assessment Exchange. Coalfire sent a team of healthcare experts to the Chicago event to meet with our HITRUST clients and folks from organizations who are thinking about a HITRUST journey. We were also there to find out what’s next for the HITRUST CSF, and we found out that the future is exciting!

    Read more
  • DFARS 7012 Compliance

    March 06, 2018, Mali Yared, Practice Director, Cyber Risk Advisory & Privacy, Coalfire

    At Coalfire, we field a lot of questions from government contractors about compliance with National Institute of Science and Technology (NIST) Special Publication (SP) 800-171. We also address requests for help with “DFARS 7012,” which is a commonly used shorthand for Defense Acquisition Regulation Supplement (DFARS) 252.204-7012. The information below should help to clarify some common questions around the purpose of each and links between them.

    Read more
  • NIST Interagency Report on IoT: An Incremental Step Toward IoT Standards

    March 05, 2018, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    The Internet of Things (IoT) has been widely regarded as representing a significant cybersecurity risk, which will only grow as connected devices continue to proliferate. As an important step in addressing these concerns, the Interagency International Cybersecurity Standardization Working Group (IICS WG) has developed a draft National Institute of Standards and Technology Interagency Report (NISTIR) 8200, Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT). The report’s intent is to inform and enable policymakers, managers, and standards participants to seek timely development and use of cybersecurity standards in IoT components, systems, and services.

    Read more

Recent Posts

Post Topics

Archives

Tags

2.0 3.0 access Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act CCPA Chertoff cloud CoalfireOne Compliance credit cards C-Store Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Ed Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi wireless women XSS