In this blog we are going to take a look at an often overlooked or under-appreciated method to bypass Duo MFA for RDP. As long as the attacker has administrative rights on the computer, this blog will demonstrate how it is possible to enable restricted admin mode, and subsequently bypass the multi-factor authentication (MFA) requirement […]
Fall seven times and stand up eight. Japanese Proverb Following two failed attempts, I persevered and obtained the coveted OSCP on the third time around. The overall journey took me about a year and half of studying, practicing and scouring the internet through countless resources. In the following sections I will provide an overview of the exam and […]
Higher education institutions have embraced technological advancements to enhance the learning experience, streamline administrative processes, and foster collaboration. However, with the growing reliance on technology comes an increased risk of cyber threats. Cybersecurity has become a paramount concern for these institutions, as they handle vast amounts of sensitive data that includes personally identifiable information (PII), […]
In an era where cybersecurity has become a critical concern for institutions across all sectors, higher education institutions face unique challenges in safeguarding sensitive data, protecting research networks, and maintaining the trust of students, faculty, and stakeholders. The importance of using a penetration testing company focused specifically on higher education is key for achieving the […]
In this blog, we are going to look into a few of the top mistakes CISOs make when it comes to penetration testing and how your organization can avoid them.
When most people think about penetration testing, or securing their network in general, they tend to focus on their external perimeter that is exposed to the Internet. But as an organization matures from a security perspective and wants to truly understand their risk, they have to look at their network from other angles. The next […]
In the world of penetration testing, there are a lot of myths and misnomers surrounding the types of penetration tests, how penetration tests are conducted, etc. Today, we look to debunk 5 common myths of penetration tests and help you maximize the value from your next penetration test. Common Myths of Penetration Tests “We guarantee […]
When it comes to selecting a penetration testing provider, there are a lot of different points that need to be taken into account. What type of penetration test are you looking for? What is driving the need for a penetration test? Today we will explore some tips to help you in your penetration testing provider […]
The Penetration Testing Execution Standard or “PTES” is a standard consisting of 7 stages covering every key part of a penetration test. The standard was originally invented by information security experts in order to form a baseline as to what is required for an effective penetration test. While this methodology is fairly dated and has […]
There are a variety of ways to test the maturity of your security program, including a gap analysis and a penetration test. However, it can be overwhelming to hear about these different types of security assessments and try to make an informed decision about what is right for your organization and your budget. The different […]
