by Terence Martin | May 16, 2023 | Compliance, cybersecurity, penetration testing
Open source intelligence gathering, or OSINT, can be a threat to organizations because it can be used to gather information about their employees, assets, and vulnerabilities. This information can then be used to launch targeted scanning against discovered...
by Andrew Nash | Apr 4, 2023 | Compliance, cybersecurity, penetration testing
Overview One of the most common findings we make at Contextual Security Solutions during internal penetration tests is the presence of vulnerable network protocols, like Link-local Multicast Name Resolution (LLMNR), Web Proxy Auto-Discovery (WPAD)...
by Slade Griffin | Sep 6, 2022 | cybersecurity, penetration testing, Uncategorized
We are constantly updating and evolving our deliverables in an effort to provide more context around our security services. With that in mind we have been tracking some metrics since 2020 that allow us to see why organizations remain vulnerable to compromise. One of...
by Andrew Nash | Aug 3, 2022 | cybersecurity, penetration testing, Uncategorized
“Hacking” isn’t magic, but sometimes it is presented that way. Much of penetration testing and “hacking” is learning the tools of the trade and how they work “under the hood.” In this series we hope to provide a high-level overview of common...
by Terence Martin | Jul 19, 2022 | cybersecurity, penetration testing
On a recent engagement, the client I was assessing had a relatively strong security posture. None of the old standby attacks were working. The client had disabled LLMNR and WPAD based on a previous security assessment, and all the client’s Windows machines were...
by Slade Griffin | Oct 23, 2020 | cybersecurity, penetration testing, whitelisting
Recently I have been asked by clients why we request that our scans be whitelisted when we are performing external security assessments. Many people believe that a blocked scan is the same as blocking a vulnerability which is present on a host. This could not be...
Recent Comments