The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Sleuthing the Cloud: The Challenges of Forensics in Cloud Environments

    April 04, 2018, Robert Meekins, Director, Forensics, Coalfire

    More and more companies are embracing Cloud computing for the practicality, efficiency, and economy of outsourcing the housing, maintenance, and monitoring of applications and their associated infrastructure to a third-party provider. As the Cloud becomes more the norm than the exception, there is no lack of choices: Providers such as Amazon (AWS), Microsoft, IBM, and countless others are providing a variety of solutions, from e-commerce sites that process payments and credit cards, to developmental networks used to test and configure operational assets.

    Read more
  • A Good Shell Is Hard to Choose

    March 26, 2018, Killian Ditch, Senior Consultant, Labs

    I had the recent opportunity to speak at BSides SLC, held on the Sandy campus of Salt Lake Community College. I tailored my presentation to the student demographic and chose to talk about one of the fundamental concepts that a penetration tester must understand: types of shells. I touched on the differences between simple shell interaction and a full-featured terminal and then launched into a discussion focusing on web shells. Following the theory conversation, I demonstrated how control over a server could be established by exploiting a file inclusion vulnerability and default credentials to deploy two different web shells, each adapted for the particular platform.

    Read more
  • On Padding Oracle Attacks

    March 22, 2018, John Stickle, Security Consultant, Coalfire

    Poodle is a vulnerability found in late 2014, and it is still occasionally seen during penetration tests. The vulnerability allows an attacker with a man-in-the-middle position to downgrade a secure connection between a client and a server to the vulnerable SSLv3. After the connection is downgraded, the attacker can proceed to perform the padding oracle attack, recover known plaintext, and decrypt the ciphertext.

    Read more
  • Icebreaker: Chip Away at Active Directory Passwords, Automatically

    March 16, 2018, Dan McInerney, Senior Security Consultant, Coalfire

    To break the ice with Active Directory and shorten the cycles penetration testers spend on cracking passwords, I developed Icebreaker, a tool that automates network attacks against Active Directory and provides plaintext credentials. Icebreaker performs five network attacks in order...

    Read more
  • Introducing Red Baron - Automate the Creation of Resilient, Disposable, Secure, and Agile Infrastructure for Red Teams

    February 06, 2018, Marcello Salvati, Senior Security Researcher, Coalfire Labs

    The need to automate the creation of disposable red-team infrastructure is key to providing effective adversary simulations. As Coalfire Labs continued to grow, our team needed a system to quickly configure and spin up C2 and/or phishing infrastructure, run multiple campaigns at the same time, and recreate infrastructure if some parts got detected and/or blacklisted.

    Read more
  • Displaying results 11-15 (of 64)
     |<  <  1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10  >  >| 

Recent Posts

Post Topics

Archives

RSS Feed

The Coalfire BlogSubscribe to Feed
Chrome users will need to install RSS Subscription Extension (by Google)

Tags