603 matches found

The Coalfire Blog
added 2019/06/04 4:04 a.m., 61 views

Fuzzing: Common Tools and Techniques

Fuzzing is a software testing methodology that can be used from either a black- or white-box perspective and predominantly consists of providing deliberately malformed inputs to an application to identify errors such as unhandled exceptions, memory spikes, thread hangs, read access violations or...

AI score: 2.8
Exploits: 0
The Coalfire Blog
added 2019/05/20 6:17 p.m., 22 views

pymetasploit3 – Metasploit Automation Library

Have a checklist of tasks you perform every penetration test, such as SSH bruteforcing or port mapping? Automate it with Python and Metasploit! Unfortunately, there hasn't been a working, full-featured Python library for making these tasks easy for many years now. This changes today...

AI score: 2.6
Exploits: 0
The Coalfire Blog
added 2019/05/02 8:58 p.m., 46 views

Is Cloud Computing Really New? And Other Insights on the Changing Face of Cloud

What is cloud computing, and why is its increased use getting so much attention? In my view, cloud computing is just the latest iteration of what started back in the days of the IBM service bureaus of the 1960s and '70s. Back then, only a handful of organizations had the resources to own and opera...

AI score: 1.8
Exploits: 0
The Coalfire Blog
added 2019/04/24 5:46 p.m., 33 views

A day in the life of a cybersecurity professional

After I graduated from high school, I knew I wanted to do something in computers and IT, but I did not know exactly what - the IT help desk route, databases and database management, programming and software development, or something else perhaps? I knew one thing though - I did not want to be in ...

AI score: 6.8
Exploits: 0
The Coalfire Blog
added 2019/04/18 4:09 p.m., 12 views

Coalfire participates in cybersecurity disaster exercise at the 2019 HSCC Spring Summit

The Healthcare and Public Health Sector Coordinating Council (HSCC) conducted their biannual Joint Cybersecurity Working Group (JCWG) All-Hands Meeting on April 3-4, 2019. As a member of HSCC, Coalfire participated in the JCWG meeting with other security leaders from across the healthcare industry an...

AI score: 6.9
Exploits: 0
The Coalfire Blog
added 2019/04/17 9:39 p.m., 115 views

Processing payments in the cloud

Some things work so well together that even suggesting they don't now seems almost ridiculous. But I wonder, who were the pioneers that fought back when questioned about the jelly on the PB? The savory with the sweet. The steak wrapped in cheese... those crazy hipsters spreading avocado on toas...

AI score: 7
Exploits: 0
The Coalfire Blog
added 2019/04/09 10:39 p.m., 54 views

The death metal suite

Intel Active Management Technology (AMT) is a feature provided by Intel for remote administration. If you happen to have a corporate laptop, odds are you too have AMT built into your system. To a sysadmin, AMT eases access to machines for the sake of assisting employees with technical issues, even ...

AI score: 6.9
Exploits: 0
The Coalfire Blog
added 2019/04/04 6:36 p.m., 43 views

Tax time again: IT security for accounting firms

As the end of another busy tax season approaches, it is important for accounting firms to remember their obligations related to data security. Accounting firms maintain a significant amount of data on behalf of their own employees and clients. These firms house financial records, tax information,...

AI score: 6.9
Exploits: 0
The Coalfire Blog
added 2019/04/03 9:56 p.m., 70 views

Introducing Our New Scanning Platform, CoalfireOne Scans

As you may be aware by now considering previous blog posts, ongoing walk-through webinars, and our press release, we released Coalfire's brand new vulnerability scanning platform, CoalfireOne Scans, this morning. All of us here at the CoalfireOne Scanning Services Team are truly excited to see its...

AI score: 1
Exploits: 0
The Coalfire Blog
added 2019/03/28 8:15 p.m., 66 views

Leveraging AWS Trusted Advisor for Security and Compliance

The benefits of undergoing mandatory or voluntary cybersecurity compliance assessments are well known throughout the cybersecurity industry. These benefits include improving the security posture of the organization, enabling sales to move faster through the sales lifecycle, addressing regulatory...

AI score: 2.5
Exploits: 0
The Coalfire Blog
added 2019/03/21 5:10 p.m., 76 views

High-Power Hash Cracking with NPK

Password hashes are an everyday part of life in Coalfire Labs. Barring any other low-hanging fruit, it's not uncommon for a penetration test to hinge on recovering a plaintext password from one of these hashes. Whether it's NTLM hashes from Active Directory, NetNTLMv2 from Responder, WPA2 PMK from ...

AI score: 1.6
Exploits: 0
The Coalfire Blog
added 2019/03/18 10:26 p.m., 66 views

Observations from RSA Conference, 2019

Last week, the 2019 RSA Conference was held with typical energy and exuberance in San Francisco. One of the largest cybersecurity industry conferences, it had over 700 exhibiting vendors not including another 50 in their Early Stage Expo area and over 500 sessions covering a wide range of current...

AI score: 2.1
Exploits: 0
The Coalfire Blog
added 2019/03/15 5:56 p.m., 188 views

"Password Spraying": What to Do and How to Avoid It

Cyber breaches aren't the only hot topic in the cyber media; sometimes the attack tactics themselves can claim the limelight when a significant breach gains media attention. One tactic getting some attention in the news is "password spraying." We offer an overview of what it is, how to avoid it, a...

AI score: 3.2
Exploits: 0
The Coalfire Blog
added 2019/03/14 9:22 p.m., 86 views

Update to Microsoft Checks

Part of the glamorous life of an ASV involves a rigorous Quality Assurance program to ensure that we are the best ASVs we can possibly be. Some of those efforts are not as readily apparent to our clients as others; but on some occasions, we like to share when our work directly benefits those who...

AI score: 2.8
Exploits: 0
The Coalfire Blog
added 2019/02/22 5:53 p.m., 85 views

Enabling Clients to Cope with ASV Scans

Gathering evidence, applying patches, and configuring your systems in preparation for submitting your vulnerability disputes can be a nerve-wracking and daunting task. To better enhance your understanding of the Approved Scanning Vendor (ASV) process, I've outlined some coping mechanisms and tools t...

AI score: 2.4
Exploits: 0
The Coalfire Blog
added 2019/02/21 7:35 p.m., 90 views

Forensics and the Internet of Things (IoT)

Today, the Internet of Things (IoT) means that billions of devices are connected to the Internet. People and organizations are looking to connect devices more frequently for automation, simplification, and the feature advantages the IoT delivers. Items such as smoke detectors, glasses, watches,...

AI score: 3.7
Exploits: 0
The Coalfire Blog
added 2019/02/19 7:46 p.m., 52 views

Encryption of Federal Data

One of the biggest challenges our customers face when pursuing Federal Risk and Authorization Management Program (FedRAMP) compliance is the federal mandate that Federal Information Processing Standards (FIPS) 140-2 validated cryptographic modules must be consistently applied where cryptography is...

AI score: 2.9
Exploits: 0
The Coalfire Blog
added 2019/02/15 6:36 p.m., 97 views

Valuing IR Preparedness: Identifying and Communicating ROI

In the information security community, a proactive approach to incident response is always considered best practice. Reacting in the moment can drain resources and often, the full impact of the incident may take weeks or even months to remediate. Despite this, making a case to management for the...

AI score: 2.5
Exploits: 0
The Coalfire Blog
added 2019/02/12 9:44 p.m., 76 views

How Hospitals Can Tie Cost Reduction to a Solid Data Security Program

When I have conversations with hospitals and other organizations subject to HIPAA, one of the first questions asked is "if I have a data breach, will OCR fine me, and if so, how much?" Many organizations decide to gamble: they opt to save time and money by not implementing a robust information ri...

AI score: 0.7
Exploits: 0
The Coalfire Blog
added 2019/02/11 6:02 p.m., 68 views

Work It 'til You Make It – Part 1

I was recently asked to be a speaker on my first "Women in Cybersecurity" panel. I accepted, despite my admitted fear of speaking in public, on a stage, dishing honesty to be judged by strangers. But, I did it because I know that it'll make me a better speaker and a better leader - the more...

AI score: 1.1
Exploits: 0
The Coalfire Blog
added 2019/02/04 9:17 p.m., 54 views

Compensating Controls: When Patching Isn't an Option

Your software vendor is asleep at the wheel and your devs still need that legacy daemon...

AI score: 1.8
Exploits: 0
The Coalfire Blog
added 2019/01/30 7:20 p.m., 87 views

The HOW, WHY, and HUH? Blog on Disputes

As you may know, performing vulnerability scans is a requirement for PCI DSS compliance. One of those specific requirements, described in section 11.2.2, states that quarterly external scanning must be done by a qualified Approved Scanning Vendor. Coalfire just so happens to be an ASV, so if you...

AI score: 1.6
Exploits: 0
The Coalfire Blog
added 2019/01/21 10:13 p.m., 27 views

The California Consumer Privacy Act: Will It Apply to Your Organization?

In August 2018, California issued a revised version of a new consumer privacy law, the California Consumer Privacy Act (CCPA). This statute goes into effect on January 1, 2020 and provides broad privacy protections to California consumers. This statute will have wide-ranging effects outside of...

AI score: 4.2
Exploits: 0
The Coalfire Blog
added 2019/01/21 6:33 p.m., 102 views

PA-DSS to Software Security Framework: What You Need to Know

The Payment Application Data Security Standard (PA-DSS) developed by the Payment Card Industry Security Standards Council (PCI SSC) applies to software vendors and others who develop payment applications that store, process, or transmit cardholder data and/or sensitive authentication data. The list o...

AI score: 2.7
Exploits: 0
The Coalfire Blog
added 2019/01/18 9:06 p.m., 209 views

Scan Interference

Scan interference is best defined as when traffic from our scanners gets blocked, filtered, dropped, or modified in response to some sort of active protection system not recognizing our traffic. Once our scanners are flagged as an intruder, the client's environment is no longer accessible, which...

AI score: 2.4
Exploits: 0
The Coalfire Blog
added 2019/01/08 8:10 p.m., 74 views

CoalfireOne Special Notes

PCI-DSS can be challenging to navigate - particularly when it comes to the ASV scanning requirements. While fulfilling the scanning requirement is easy, obtaining a passing attestation report may involve more than simply remediating failed findings. One requirement that we receive many questions...

AI score: 2.1
Exploits: 0
The Coalfire Blog
added 2019/01/08 6:56 p.m., 65 views

RISE in the Community

Hope House of Colorado is metro-Denver's only resource for providing free self-sufficiency programs to teen moms, including residential, General Educational Development (GED), and college and career programs. Additional supportive services include parenting and healthy relationship classes, life...

AI score: 0.7
Exploits: 0
The Coalfire Blog
added 2018/12/21 5:42 p.m., 83 views

Epic Holiday Cookie Baking

One aspect of being a penetration tester that is always rewarding is the process of rabbit-holing into an area of interest and letting the data guide me to my destination. Recently, while updating and testing new code on a custom cookie fuzzing tool Anomalous Cookie -...

AI score: 0.3
Exploits: 0
The Coalfire Blog
added 2018/12/19 9:43 p.m., 85 views

PCI Announces Coming Qualified PIN Assessor (QPA) Program

Second only to protecting sensitive credit card account information, safeguarding the cardholder's personal identification number (PIN) is one of the most important tasks for prevention of card-present fraud in retail and banking. With the continued movement toward chip-and-PIN (EMV), the technology...

AI score: 1.1
Exploits: 0
The Coalfire Blog
added 2018/12/10 4:38 p.m., 68 views

What You Should Know About the Changing Nature of Telephone-Based Payments

In March 2011, the PCI SSC released the initial version of the "Protecting Telephone-Based Payments Card Data" Information Supplement as a guide to help assessors assess environments where cardholder data was stored, processed, and/or transmitted over the telephone. It was a pivotal guidance...

AI score: 1.3
Exploits: 0
The Coalfire Blog
added 2018/12/07 10:37 p.m., 162 views

Kubernetes Vulnerability: What You Can and Should Do to Protect Your Enterprise

This week, news was released regarding a critical security Common Vulnerability and Exposure (CVE) associated with the Kubernetes container software (CVE-2018-1002105). While this is only a reported vulnerability at this stage and no actual exploits have been reported to date, organizations that have...

CVSS: 7.5
AI score: 1.9
EPSS: 0.86978
Exploits: 10
The Coalfire Blog
added 2018/11/26 11:05 p.m., 53 views

The Effect of NIST 800-171A on Government Contractors

NIST 800-171A introduces a standardized opportunity to perform a more structured and granular level of assessment leveraging the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 framework...

AI score: 3
Exploits: 0
The Coalfire Blog
added 2018/11/26 5:13 p.m., 44 views

HIPAA Complaints, OCR Investigations, and Security Risk Analysis for Healthcare Delivery Organizations – A Common Thread

Many HIPAA covered entities (CEs) and business associates (BAs) may not be meeting the regulatory mandate as defined in §164.308(a)(1)(ii)(A) of the HIPAA Security Rule. This implementation specification requires that healthcare delivery organizations (HDOs) "Conduct an accurate and thorough assessment of the...

AI score: 2.5
Exploits: 0
The Coalfire Blog
added 2018/11/06 9:19 p.m., 13 views

Upcoming Changes to Cryptographic Findings in Q4 2018

The security world is a constantly changing and evolving landscape, and as part of Coalfire's commitment to security, we need to constantly review and update vulnerability information for vulnerability scanning to keep up. We've made some changes to previously acceptable vulnerability checks, whi...

AI score: 0.8
Exploits: 0
The Coalfire Blog
added 2018/10/22 5:41 p.m., 52 views

Automating Incident Prevention and Response in AWS

Information security incidents can result in reputational damage, financial losses, or a loss of system functionality for organizations at any time. Because threats and attack vectors are growing rapidly, organizations must prepare to respond to incidents in real time. The incident response (IR)...

AI score: 3.1
Exploits: 0
The Coalfire Blog
added 2018/10/18 5:15 p.m., 40 views

Coalfire Teams with Healthcare and Public Health Sector Coordinating Council (HSCC) for Fall Summit

The Department of Homeland Security (DHS) charged the Healthcare and Public Health Sector Coordinating Council (HSCC) with serving as a partnership between the private and public healthcare sectors. To that end, two unique councils were formed: The Healthcare and Public Health Government Coordinating...

AI score: 1.4
Exploits: 0
The Coalfire Blog
added 2018/10/05 9:24 p.m., 62 views

What You Need to Know from the North American PCI Community Meetings

Too busy to attend the PCI Community Meetings this year? Coalfire has you covered with the top 6 things you need to know from the most important annual payments conference in the world...

AI score: 1.7
Exploits: 0
The Coalfire Blog
added 2018/10/03 8:13 p.m., 65 views

IoT Adventures: The LeFun WiFi Camera

Recently I happened to be in the market for a baby monitor, so I decided to search Amazon for an affordable device that would fit my needs. A search for "baby monitor" within the "electronics" department brought me to the LeFun WiFi Camera. For $39.99 at the time of my purchase, this seemed like ...

Exploits: 0
The Coalfire Blog
added 2018/09/28 4:13 p.m., 25 views

Waiting, Waiting, Waiting... Is There a Right Time for Breach Notification?

Recently, a popular online retailer revealed a month-long data breach. Card-skimming code was found capturing customer credit card data from the payment page of its website and sending that data to what appeared to be a legitimate server with a similar domain name and a valid HTTPS certificate. T...

AI score: 0.3
Exploits: 0
The Coalfire Blog
added 2018/09/25 8:31 p.m., 53 views

The Unhealthy Security of Healthcare

I have been involved in a number of healthcare penetration tests here at Coalfire and in my previous roles. I have hacked electronic medical records, medical devices, and most importantly, humans. From my time as a systems engineer at a medical device and systems vendor to my current role at...

AI score: 1.3
Exploits: 0
The Coalfire Blog
added 2018/09/25 5:48 p.m., 328 views

Leading in Privacy

On September 24, I was pleased to represent Coalfire and private-sector expertise by attending the kickoff for the Privacy Framework at the Brookings Institute in Washington, D.C. The event was attended by notable leaders in the industry and government: The Departments of Transportation and...

AI score: 1.8
Exploits: 0
The Coalfire Blog
added 2018/09/19 12:57 a.m., 13 views

The Unhealthy Security of Healthcare

I have been involved in a number of healthcare penetration tests here at Coalfire and in my previous roles. I have hacked electronic medical records, medical devices, and most importantly, humans. From my time as a systems engineer at a medical device and systems vendor to my current role at...

AI score: 1.3
Exploits: 0
The Coalfire Blog
added 2018/09/12 9:43 p.m., 72 views

Phantom Acquisition Lets Splunk SOAR

At the SplunkLive! Conference in Washington, D.C., Splunk gave a presentation on Phantom, a Security Orchestration, Automation, and Response (SOAR) system. Splunk acquired Phantom this year for $350 million...

AI score: 1.7
Exploits: 0
The Coalfire Blog
added 2018/09/11 10:15 a.m., 23 views

From OSINT to Internal: Gaining Domain Admin from Outside the Perimeter

When I first began working at Coalfire in early 2017, I couldn't wait to get started pentesting professionally for the first time. When I finally got tasked with my first gig, I dove right in. I was tasked to perform an assessment of the external network. After hitting all known servers and web...

AI score: 1.3
Exploits: 0
The Coalfire Blog
added 2018/09/04 6:34 p.m., 149 views

Exploiting Blind Java Deserialization with Burp and Ysoserial

While performing a web application penetration test, I stumbled upon a parameter with some base64 encoded data within a POST parameter. Curious as to what it was, I sent it over to Burp decoder...

AI score: 7
Exploits: 0
The Coalfire Blog
added 2018/08/28 7:52 p.m., 59 views

AWS Slurp Github Takeover

Slurp is a tool used by information security professionals to enumerate AWS S3 buckets. Slurp takes a domain name (example.com) or wordlist as input and cycles through likely S3 bucket names (example.s3.amazonaws.com) looking for any world-read/writeable buckets. S3 buckets are a great find for...

AI score: 1
Exploits: 0
The Coalfire Blog
added 2018/08/15 9:32 p.m., 16 views

The Dangers of Client Probing on Palo Alto Firewalls

While performing a routine internal penetration test, I began the assessment by running Responder in analyze mode just to get an idea of what was being sent over broadcast. Much to my surprise, I found that shortly after running it, a hash was captured by Responder's SMB listener...

AI score: 1.6
Exploits: 0
The Coalfire Blog
added 2018/08/09 6:57 p.m., 48 views

Google Cloud NEXT '18: A Growing Event with Much to Offer

If you want to learn what's up and coming for Google Cloud and make some great connections, Google Cloud NEXT is an informative, lively event to prioritize on your conference calendar. Coalfire attended the recent Google Cloud NEXT '18 conference in San Francisco July 24-27 and found it to be a goo...

AI score: 0.7
Exploits: 0
The Coalfire Blog
added 2018/08/08 7:42 p.m., 98 views

Our Analysis: Gartner's Hype Cycle for Risk Management, 2018

For those of us charged with managing cyber risk as well as planning and budgeting for cybersecurity, the Gartner "Hype Cycle for Risk Management, 2018" provides some helpful perspectives that are useful in setting both priorities and expectations...

AI score: 1.9
Exploits: 0
The Coalfire Blog
added 2018/07/17 4:46 p.m., 54 views

Humans Are the Weakest Link in Security

In our recent analysis of penetration testing engagements contained in our Penetration Risk Report, we discuss the impact that social engineering, specifically phishing, has on the ability to allow attackers insider access to compromise an organization...

AI score: 4.7
Exploits: 0

Total number of security vulnerabilities: 603