January 23, 2019 / by Elteni / Cyber, defeat, Evade, Evasion, Internal, Penetration Test, Red Team, Reverse Shell, Unicorn, Window 10, windows defender
It seems we just peaked your interest, right? Isn’t that the reason you are here reading this? It’s either that, or you are just trolling, you know who you are. We’ve experienced first-hand and have also heard from many of our fellow pen testers that anti-virus solutions, especially some of the next-gen solutions are easy […]
Read more
Automating Password Cracking Using Responder and Hashcat! (Part 1)
February 7, 2019 / by Elteni / Cyber
Responder, one of the tools that is part of every pen-testers toolkit (if you are a pen-tester and you don’t use it, shame on you), is by far one of the greatest tools ever made. We use it on every internal and sometimes external pen test that we do. For those that aren’t familiar, responder […]
Read more
How we were able to bypass Windows Defender on a Windows 10 machine to get a reverse shell!
January 23, 2019 / by Elteni / Cyber, defeat, Evade, Evasion, Internal, Penetration Test, Red Team, Reverse Shell, Unicorn, Window 10, windows defender
It seems we just peaked your interest, right? Isn’t that the reason you are here reading this? It’s either that, or you are just trolling, you know who you are. We’ve experienced first-hand and have also heard from many of our fellow pen testers that anti-virus solutions, especially some of the next-gen solutions are easy […]
Read more
Is your email address the new social security number, and what does that mean?
November 18, 2018 / by Elteni / Cyber
Remember that time when you registered your first email address? For many of you it was probably with America Online (AOL), Echomail, Yahoo, Hotmail, etc. How many of you are still using those accounts today? I venture to say probably a good number of you. I openly admit that I still use an account that […]
Read more
Are you fully protected if relying on credit and identity theft monitoring?
August 21, 2018 / by Elteni / Credit Monitoring, Cyber, Data Protection, Identity Theft, Personal Risk
Are you a high net or ultra-high net worth individual? Do you think credit and identity theft monitoring is worth it? Are you currently enrolled in one of these programs? I have personally been enrolled in these programs since 2009. Does it solely give me comfort knowing that my credit and identity is protected? No, […]
Read more
Incident Response Plan – How do you move from developing one to testing it?
August 6, 2018 / by Elteni / Cyber, Incident Response, Table Top
In general, you’ve prepared for disasters that range from a file server crashing, to a total loss of power, and maybe even a hurricane making your offices inhabitable. You’ve thought through various scenarios that could affect your business and developed plans and procedures to document those efforts. You’ve worked so diligently to develop Disaster Recovery, […]
Read more
“New” phishing campaigns – leveraging scare tactics (Ransomware 3.0)
February 6, 2019 / by Elteni / BEC, BEC campaign, Bitcoin, bitcoin scam, Business Email Compromise, Cyber, Phishing, phishing attack, phishing campaign, phishing scam, ransomware
We got an email today that we thought was very interesting. Most of the email phishing campaigns that we’ve seen thus far, and the most common ones our clients typically get fall into two buckets: click a link or open an attachment. We all know how effective some of these campaigns are. Lots of people […]
Read more