I previously blogged about spoofing Microsoft 365 using the direct send feature enabled by default when creating a business 365 Exchange Online instance (https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/). Using the direct send feature, it […]
Being a digital forensics and incident response consultant is largely about unanswered questions. When we engage with a client, they know something bad happened or is happening, but they are […]
tl;dr Implement this ACL using whatever network gear, cloud ACL config, or uncomplicated firewall you use to protect your networks. Our IOT devices are on 10.99.99.0/24 for this example. Also, […]
The internet is a product of a global group effort to build an interoperable network connecting billions of devices, regardless of country, region, or manufacturer. That effort yielded hundreds of […]
| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]
| Ethan Robish It’s been nearly a year since Lastpass was breached and users’ encrypted vaults were stolen. I had already migrated to a different password manager for all my […]
| Sean Verity Do you have a bunch of MFA apps on your phone that leave you feeling like you can’t put your arms down? Or maybe all those MFA […]
By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]
Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to domain administrator.
