The Coalfire Labs Blog

Welcome to the Coalfire Labs Blog, a resource covering the most important issues in IT security and compliance.  The Coalfire Labs blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • Black Hat 2017: training, cybersecurity trends and end-point protection

    August, 2017, ,

  • [CMSAbstractTransformation.DataBind]: Object reference not set to an instance of an object.
  • Just a Few Seats Left at the Coalfire Adaptive Pen Testing Training at Black Hat!

    July, 2017, Communications Team, Coalfire

    Black Hat is just around the corner, and Coalfire is gearing up for the best Adaptive Penetration Testing Training yet! We’ve ‘adapted’ the Adaptive Penetration Test Training course with new instructors, enriched content, and new labs to provide the richest training to date. The revised training now includes exploitation and post-exploitation for Linux as well as an after-hours bonus, Social Engineering “practical” exercises. Demand has been high – we’ve sold out the July 22-23 class, but we’ve got just a few seats left for our July 24-25 class. Save $100 on those last seats if you register before the 21st!

  • Petya/NotPetya: What It Is, and What You Can Do Right Now

    June, 2017, Mike Weber, Vice President, Coalfire Labs

    Just when we thought there were no more tears left in the wake of WannaCry, it’s time to pull out the tissues yet again for the latest global cyber incident: introducing “NotPetya,” the most recent ransomware variant to creep across continents and affect companies across many industries. Please read on for helpful information on how to prevent a NotPetya attack, as well as minimize propagation across the network.

  • Getting the Most Value Out of Your Phishing Program

    June, 2017, Ryan MacDougall, Sr. Security Consultant

    Are your phishing tests worth the money you are spending on them?

    Please don't misinterpret that as suggesting you shouldn't be testing your users. To the contrary, I think you should be testing all your users (executives of all ranks included) on a regular basis. What I mean by that question is; are you really "testing" your users, or are you merely spot quizzing them?

  • Ransomware: the anatomy of paying a ransom to decrypt hostage files

    May, 2017, Bryce Bearchell, Security Consultant

    Ransomware is on the rise and clients seeking to understand the process can learn from this client’s story about being a victim of ransomware as to what can be expected and how to handle a ransomware attack. Recently a company facing a malware infection approached us to help them deal with the encryption of most of their servers across their domain. This also included systems that held online backups - and there was no offline backup solution (that’s a topic for a whole different blog post). The company had discovered a ransom note on their affected systems, along with data files that had been deleted and new files created in the format of <original_filename>.whereisyourfile that appeared to be encrypted.

  • Displaying results 46-50 (of 89)
     |<  <  6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14 - 15  >  >| 
Top