In this blog we are going to take a look at an often overlooked or under-appreciated method to bypass Duo MFA for RDP. As long as the attacker has administrative rights on the computer, this blog will demonstrate how it is possible to enable restricted admin mode, and subsequently bypass the multi-factor authentication (MFA) requirement […]
Fall seven times and stand up eight. Japanese Proverb Following two failed attempts, I persevered and obtained the coveted OSCP on the third time around. The overall journey took me about a year and half of studying, practicing and scouring the internet through countless resources. In the following sections I will provide an overview of the exam and […]
Higher education institutions have embraced technological advancements to enhance the learning experience, streamline administrative processes, and foster collaboration. However, with the growing reliance on technology comes an increased risk of cyber threats. Cybersecurity has become a paramount concern for these institutions, as they handle vast amounts of sensitive data that includes personally identifiable information (PII), […]
In an era where cybersecurity has become a critical concern for institutions across all sectors, higher education institutions face unique challenges in safeguarding sensitive data, protecting research networks, and maintaining the trust of students, faculty, and stakeholders. The importance of using a penetration testing company focused specifically on higher education is key for achieving the […]
In this blog, we are going to look into a few of the top mistakes CISOs make when it comes to penetration testing and how your organization can avoid them.
When most people think about penetration testing, or securing their network in general, they tend to focus on their external perimeter that is exposed to the Internet. But as an organization matures from a security perspective and wants to truly understand their risk, they have to look at their network from other angles. The next […]
