Latest News & Articles
Every October, the United States government, in collaboration with public and private sectors, observes Cybersecurity Awareness Month. This annual event,
Whether it’s safeguarding personal email accounts, sensitive financial information, or even critical business data, the significance of a robust password
CISA's Known Exploited Vulnerabilities Catalog
In November 2021 the Cybersecurity and Infrastructure Security Agency (CISA) started the Known Exploited Vulnerabilities (KEV) Catalog and Binding Operational Directive 22-01. The KEV catalog lists only vulnerabilities known to be actively exploited.
“sAMAcountName” and “noPac” are two critical Active Directory vulnerabilities that can lead to full Domain compromise. Learn how a dollar
This vulnerability is in ExifTool, a tool for changing the metadata of video, image and pdf files. Vulnerable versions of
Active Directory Series
This post introduces Active Directory Certificate Services (AD CS) and topics like: public key infrastructure (PKI), the Kerberos pre-authentication protocol PKINIT, Certificate Signing Requests (CSR), and templates. This overview provides a baseline for learning AD CS penetration testing.
PetitPotam is a NTLM relay attack vulnerability that is often checked for in Active Directory penetration testing. Attackers can become
CrackMapExec has various modules and options for Active Directory penetration testing. Here are 10 reasons to check out CrackMapExec.
Last month, Dallas County released a notice disclosing that Dallas County computers were sold at auction that did not have
Last week, Ferrari announced it was contacted by a cyber threat actor for a ransom demand. Their corporate response to
Last week, Monday March 13, CISA announced the creation of the Ransomware Vulnerability Warning Pilot (RVWP). This program was launched
Today, Kali Linux’s 10-year anniversary, Kali Linux released their newest Kali Linux version: Kali Purple. Kali Linux is known for
The key messages emphasize where the U.S. government wants to allocate its cybersecurity spending and who should be responsible for
The CyberPeace Institute has recorded cyber-attacks against a variety of host nations, including Ukraine and Russia. Reviewing their data from