SERVICESEXPERTS BLOGLET'S TALK

Experts Blog

Shadow Credentials: Workstation Takeover Edition
Shadow Credentials: Workstation Takeover Edition
Matthew Creel

Active Directory Certificates and PKINIT are hot topics these days and our operators at Fortalice have been doing their best to stay on top of the new research and tools. My previous blog touched on PyWhisker and referenced one of its resources available on https://thehacker.recipes. While reading through the documentation there, a note near the bottom caught my eye, which stated: User objects can't edit their own msDS-KeyCredentialLink attribute while computer objects can.

Wire Fraud Alert: Business Email Compromise (BEC) on the Rise
Wire Fraud Alert: Business Email Compromise (BEC) on the Rise
Kyle Macken

PKINIT FTW - Chaining Shadow Credentials and ADCS Template Abuse
PKINIT FTW - Chaining Shadow Credentials and ADCS Template Abuse
Matthew Creel

On a recent red team engagement, our team was tasked with focusing on Active Directory Certificate Services (ADCS) exploitation. The objective was to identify certificate template misconfigurations and potentially achieve privilege escalation by abusing them. The concepts and attacks used were based around the work and whitepaper by Will Shroeder (@harmj0y) and Lee Christensen (@tifkin_).

MacOS password recovery on a disk with FileVault 2 encryption
MacOS password recovery on a disk with FileVault 2 encryption
Fortalice Solutions

Disinformation, Misinformation and Manipulation Campaigns: A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk
Disinformation, Misinformation and Manipulation Campaigns: A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk
TrackerPayton

Elevating with NTLMv1 and the Printer Bug
Elevating with NTLMv1 and the Printer Bug
Matthew Creel

Demystifying Penetration Testing Pricing
Demystifying Penetration Testing Pricing
Kyle Macken

A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk
A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk
TrackerPayton

Colonial Pipeline Ransomware Breach: How to Protect Your Assets
Colonial Pipeline Ransomware Breach: How to Protect Your Assets
TrackerPayton

Fortalice Client Advisory: Unemployment Fraud
Fortalice Client Advisory: Unemployment Fraud
TrackerPayton

Hiding Behind the Front Door
Hiding Behind the Front Door
Red Team

Domain fronting is a generic technique based on HTTPS that allows an actor to hide the true destination of a communication from network equipment in the path. While domain fronting has been used in offensive engagements for several years now, the number of frontable cloud services continues to dwindle. Today, Fortalice is publicly adding another service to that list: Azure Front Door.

Advisory: HAFNIUM Threat Activity and Microsoft Exchange
Advisory: HAFNIUM Threat Activity and Microsoft Exchange
Blue Team

Fortalice's Threat and Incident Response Team is providing this advisory video to partners on recent developments associated with the HAFNIUM Threat Activity and Microsoft Exchange. The information is current as of March 2021.

In the News: US Federal Data Breach Legislation
In the News: US Federal Data Breach Legislation
TrackerPayton

Mimecast Advisory
Mimecast Advisory
Blue Team

The notification provided to Mimecast from Microsoft indicated that several certificates issued by Mimecast had been compromised by a sophisticated threat actor.

Fortalice Advisory on SolarWinds Orion Code Compromise
Fortalice Advisory on SolarWinds Orion Code Compromise
Blue Team

If your organization currently uses SolarWinds Orion products (versions 2019.4 through 2020.2.1 HF1), we recommend disconnecting all affected devices immediately.

Interview with an Expert: OCO Director Matt Shirley
Interview with an Expert: OCO Director Matt Shirley
Fortalice Solutions

Fortalice Director of Offensive Cybersecurity Operations (OCO) Matt Shirley talks the red team's perspective on addressing cyber threats on behalf of our clients. 

Election Security and Cybersecurity Best Practices
Election Security and Cybersecurity Best Practices
Fortalice Solutions

Fortalice CEO & Founder Theresa Payton spoke to Julie Mason about cybersecurity - Host of the Press Pool on SiriusXM - following the historic 2020 election.

Interview with an Expert: Director of Custom Solutions Alise Brzezinski
Interview with an Expert: Director of Custom Solutions Alise Brzezinski
Fortalice Solutions

Fortalice Director of Custom Solutions Alise Brzezinski talks third-party risk management in the COVID-19 era.

Fortalice Interview with an Expert: CEO Theresa Payton
Fortalice Interview with an Expert: CEO Theresa Payton
TrackerPayton

Fortalice CEO & Founder Theresa Payton discusses the Fortalice difference and her new book, Manipulated Inside the Cyberwar to Hijack Elections and Distort the Truth.

What is Fortified Security?
What is Fortified Security?
TrackerPayton

Fortalice delivers fortified security through the following four pillars: Preparation, Response, Education, Partnership

Categories
Defensive Perspectives
Offensive Perspectives
Executive Perspectives
Recent Posts
Shadow Credentials: Workstation Takeover Edition
PKINIT FTW - Chaining Shadow Credentials and ADCS Template Abuse
Wire Fraud Alert: Business Email Compromise (BEC) on the Rise