The Coalfire Blog
added 2018/07/16 7:53 a.m.

Humans Are the Weakest Link in Security

In our recent analysis of penetration testing engagements contained in our Penetration Risk Report, we discuss the impact that social engineering, specifically phishing, has on attackers' ability to gain insider access and compromise an organization...

The Coalfire Blog
added 2018/07/13 4:13 p.m.

Transitioning to the New SOC 2 Criteria – What You Need to Know

SOC 2 has seen quite a few changes in the past year in how reports must be presented in the future. The American Institute of Certified Public Accountants (AICPA) replaced the old SSAE 16 standard with SSAE 18, released the 2017 Trust Services Criteria, the new Description Criteria (DC-200), and a ne...

The Coalfire Blog
added 2018/07/13 3:34 p.m.

NIST SP 800-171A Assessment: Finalized Assessment Objectives Foster a Roadmap to Compliance

On June 13, 2018, NIST formally released their Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). This publication provides organizations with an assessment methodology to evaluate their compliance with the CUI security requirements defined in...

The Coalfire Blog
added 2018/07/11 6:27 p.m.

Expanded Privacy Protections Granted to California Residents: The California Consumer Protection Act

In late June, California passed a new consumer privacy law, the California Consumer Privacy Act (CCPA). This statute provides protections to California residents, but it will also have wide-ranging effects outside of California, as it will apply to organizations that conduct business in California...

The Coalfire Blog
added 2018/07/09 10:25 p.m.

Incident Response: Do Your Vendor Contracts Have Claws (for Liability)?

In previous blogs, we've discussed some of the struggles organizations have when responding to cyber incidents. For many, it is the recovery aspect, and specifically vendor liability for the data or privacy breach, that poses many questions. In trying to assign liability, the obvious place to star...

The Coalfire Blog
added 2018/07/09 4:41 p.m.

Common Questions and Answers Salesforce ISVs Need to Know for FedRAMP

Many Salesforce Independent Software Vendors (ISVs) are interested in pursuing FedRAMP to serve federal customers, but have many questions about the process. The four questions below are the most common questions that Coalfire receives from these ISV partners; we have provided some basic responses ...

The Coalfire Blog
added 2018/06/26 8:08 p.m.

Executing Meterpreter on Windows 10 and Bypassing Antivirus

One of my Labs colleagues recently published an article on the Coalfire Blog about executing an obfuscated PowerShell payload using Invoke-CradleCrafter. This was very useful, as Windows Defender has upped its game lately and is now blocking Metasploit's Web Delivery module. I wanted to demonstrat...

The Coalfire Blog
added 2018/06/26 5:37 p.m.

The CMS Allows Health Plans to Host Their Own Enrollment Applications for Improved Consumer Experience

As part of the ongoing implementation of the Affordable Care Act (ACA), the Centers for Medicare and Medicaid Services (CMS) recently began permitting direct enrollment entities (qualified health plan issuers and web-brokers) to host their own enrollment applications on their websites instead of proxyi...

The Coalfire Blog
added 2018/06/25 7:21 p.m.

The Threats That Are Your Weakest Link

Coalfire published the latest report in its Securealities series, The Penetration Risk Report, and it's based on findings from Coalfire penetration tests. It includes data drawn from engagements with businesses of all sizes, spanning financial services, retail, healthcare, and technology/cloud...

The Coalfire Blog
added 2018/06/12 7:11 p.m.

IoT Discussion at the Leidos Supplier Innovation & Technology Symposium

Coalfire was asked to participate on a technical panel about the Internet of Things (IoT) at the Leidos Supplier Innovation & Technology Symposium on June 6. This event is a dynamic day enabling Leidos' largest suppliers as well as targeted start-ups to showcase their offerings and capabilities to a...

The Coalfire Blog
added 2018/06/11 9:32 p.m.

How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL

I like to do bug bounties from time to time, mostly when I am sacrificing sleep once the kids are finally out cold. This seemed like a worthy experience to document. Let me just start by saying I don't plan on going into the whole recon bits too deeply here. Maybe I will someday if I ever have...

The Coalfire Blog
added 2018/06/08 7:26 p.m.

Pro Tips: Testing Applications Using Burp, and More

Burp Suite is one of my favorite tools for web application testing. The feature set is rich, and anything that it does not do by default can usually be added with an extension. There are a few things, however, that while they exist in Burp Suite, are not completely intuitive. Below are a few pro...

The Coalfire Blog
added 2018/06/07 8:54 p.m.

A Cyber Engineering Primer: Vulnerability Management Lifecycle

According to the SANS Institute, "Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management...

The Coalfire Blog
added 2018/06/01 7:01 p.m.

Continuous Monitoring in the Cloud

I recently spoke at the Cloud Security Alliance's Federal Summit on the topic "Continuous Monitoring / Continuous Diagnostics and Mitigation (CDM) Concepts in the Cloud." As government has moved and will continue to move to the cloud, it is becoming increasingly important to ensure continuous...

The Coalfire Blog
added 2018/05/31 9:51 p.m.

PowerShell: In-Memory Injection Using CertUtil.exe

Have you ever heard the old saying, "The only constant in life is change"? Nothing is truer in the world of penetration testing and information security than the certainty of change. New defenses are always emerging, and the guys and gals in the red team game are always having to evolve our effor...

The Coalfire Blog
added 2018/05/23 6:57 p.m.

Exploiting an Unsecured Dell Foglight Server

Dell Foglight for Virtualization is an infrastructure performance monitoring tool that can also be used to manage systems as well. It comes configured with a default username and password of "foglight."...

The Coalfire Blog
added 2018/05/21 6:21 p.m.

Pro Tip: The Right Way to Test JSON Parameters with Burp

Here's a Burp trick you might not know, which helped find this instance of command execution and lots of SQL injection in other applications. Despite PortSwigger claiming otherwise, Burp does not parse JSON very well, especially nested JSON parameters and values like you see below...

The Coalfire Blog
added 2018/05/18 7:11 p.m.

PCI DSS v3.2.1 – What You Need to Know

On Thursday, May 17, the PCI Security Standards Council (PCI SSC) released an updated version of the PCI DSS standard, primarily to include clarifications and minor revisions around controls that referenced SSL/early TLS. The new version removes notes referring to the effective date of February 1,...

The Coalfire Blog
added 2018/05/17 3:56 p.m.

A Cyber Engineering Primer: Automated Tools for Compliance Auditing

Cybersecurity practitioners sometimes forget to define and explain the terms we use during the course of our work. Thus, my colleagues and I have embarked on a series of posts that provide a primer on some of the most important cyber engineering practices. In this post, we will focus on...

The Coalfire Blog
added 2018/05/16 8:36 p.m.

AWS Certified Cloud Practitioner: A Valuable Certification for Professionals in Non-Technical Roles

Within the past year, AWS unveiled what is arguably one of the best programs they have ever offered to non-technical professionals in the AWS Partner Network (APN): the AWS Certified Cloud Practitioner certification. The program, which is especially valuable for those in sales or marketing roles,...

The Coalfire Blog
added 2018/05/09 5:40 p.m.

Microsoft Word Document Upload to Stored XSS: A Case Study

Anytime I see a file upload form during an application test, my attention is piqued. In a best-case scenario, I can upload a reverse shell in a scripting language available on the webserver. If the application is running in PHP or ASP, for example, it becomes quite easy. If I can't get a backdoor...

The Coalfire Blog
added 2018/05/02 6:27 p.m.

Cloud Security Governance - Optimizing the Business Benefits of Security in the Cloud

Enterprises are increasingly pursuing the business advantages of migrating technology platforms and services into the cloud environment, leveraging one or more of the three main cloud service areas: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Thes...

The Coalfire Blog
added 2018/04/30 6:37 p.m.

Cooking Up Shells with Chef

I was able to compromise a Chef server on one of my recent engagements. Owning a Chef server means having the keys to the castle. I wasn't quite sure how to go about using this tool. I'm familiar with Puppet, as I've spent the majority of my career on the systems side. Having never run into Chef, I...

The Coalfire Blog
added 2018/04/27 6:04 p.m.

RSA 2018 recap: GDPR, Increasing Visibility and Transparency of Cloud Security

RSA 2018 is in the books! The event welcomed 42,000 attendees to San Francisco, including cybersecurity professionals, vendors, media, and analysts. The themes of visibility and transparency repeatedly came up in discussions and presentations as organizations grapple with ever-increasing data flo...

The Coalfire Blog
added 2018/04/23 7:08 p.m.

PCI Compliance: Early-TLS and Cloud Service Providers

Organizations tracking their PCI compliance are likely aware of the impending June 30, 2018 deadline to disable SSLv3 and early TLS. This blog post examines the special case of Cloud Service Providers (CSPs) and how their customers should proceed to achieve compliance...

The Coalfire Blog
added 2018/04/16 11:03 p.m.

A Cyber Engineering Primer: System Compliance and Hardening

Cybersecurity is a hot topic for just about everyone: it affects organizations as well as individuals, workers, and citizens. Each of us needs at least a basic understanding of how to safely use and protect the devices and systems that are a part of our day-to-day lives...

The Coalfire Blog
added 2018/04/16 4:20 p.m.

AICPA Releases New SOC 2 Guide – What You Need to Know

In March 2018, the American Institute of Certified Public Accountants (AICPA) released its highly anticipated new System and Organization Controls 2 (SOC 2) guide, which includes information for the extant 2016 trust services principles and the new 2017 trust services criteria. The following is a...

The Coalfire Blog
added 2018/04/09 8:43 p.m.

Amanda Mesler of Microsoft Addresses the Women of Coalfire

Last month RISE, Coalfire's association of women in cybersecurity and leadership, welcomed our inaugural guest speaker, Amanda Mesler, General Manager of Microsoft Central and Eastern Europe. I had the great fortune to interview her and lead a discussion with our members...

The Coalfire Blog
added 2018/04/04 6:23 p.m.

Sleuthing the Cloud: The Challenges of Forensics in Cloud Environments

More and more companies are embracing Cloud computing for the practicality, efficiency, and economy of outsourcing the housing, maintenance, and monitoring of applications and their associated infrastructure to a third-party provider. As the Cloud becomes more the norm than the exception, there i...

The Coalfire Blog
added 2018/04/01 7:52 p.m.

Background Checks on AIs and Other Challenges in the PCI World

Coalfire has noted a number of leading-edge technological challenges for enterprises managing the rapid pace of innovation while also aiming for PCI compliance. We'd like to review our recent experience and offer suggestions for these comparatively novel situations...

The Coalfire Blog
added 2018/03/26 4:24 p.m.

A Good Shell Is Hard to Choose

I had the recent opportunity to speak at BSides SLC, held on the Sandy campus of Salt Lake Community College. I tailored my presentation to the student demographic and chose to talk about one of the fundamental concepts that a penetration tester must understand: types of shells. I touched on the...

The Coalfire Blog
added 2018/03/22 5:56 p.m.

On Padding Oracle Attacks

Poodle is a vulnerability found in late 2014, and it is still occasionally seen during penetration tests. The vulnerability allows an attacker with a man-in-the-middle position to downgrade a secure connection between a client and a server to the vulnerable SSLv3. After the connection is...

The Coalfire Blog
added 2018/03/21 10:15 p.m.

Takeaways from GAM 2018: Internal Audit Embraces Cybersecurity

Last week, the Institute of Internal Auditors (IIA) held its 2018 Global Audit Management Conference at the Aria Resort in Las Vegas. With over 1,700 attendees, this was the most well-attended event in the history of the conference. Coalfire was one of the sponsors, and we were delighted to meet wi...

The Coalfire Blog
added 2018/03/16 6:15 p.m.

Icebreaker: Chip Away at Active Directory Passwords, Automatically

To break the ice with Active Directory and shorten the cycles penetration testers spend on cracking passwords, I developed Icebreaker, a tool that automates network attacks against Active Directory and provides plaintext credentials. Icebreaker performs five network attacks in order...

The Coalfire Blog
added 2018/03/12 7:02 p.m.

Managing Your Vulnerabilities, FedRAMP Style

As a member of Coalfire's Cyber Engineering team, I frequently get questions about vulnerability Deviation Requests (DRs) from Cloud Service Providers (CSPs) seeking Federal Risk and Authorization Management Program (FedRAMP) authorizations. In this post, I'll try to answer questions we frequently...

The Coalfire Blog
added 2018/03/07 12:28 a.m.

Highlights from the HITRUST Third-Party Assurance Summit

The HITRUST TPA Summit brought together experts representing customers, vendors, and assessor firms in various aspects of risk management to share best practices, lessons learned and effective third-party risk management strategies leveraging the HITRUST CSF Assurance Program and HITRUST Assessme...

The Coalfire Blog
added 2018/03/06 12:08 a.m.

DFARS 7012 Compliance

At Coalfire, we field a lot of questions from government contractors about compliance with National Institute of Science and Technology (NIST) Special Publication (SP) 800-171. We also address requests for help with "DFARS 7012," which is a commonly used shorthand for Defense Acquisition Regulation...

The Coalfire Blog
added 2018/03/05 6:23 p.m.

NIST Interagency Report on IoT: An Incremental Step Toward IoT Standards

The Internet of Things (IoT) has been widely regarded as representing a significant cybersecurity risk, which will only grow as connected devices continue to proliferate. As an important step in addressing these concerns, the Interagency International Cybersecurity Standardization Working Group IIC...

The Coalfire Blog
added 2018/02/28 8:37 p.m.

New SEC Cyber Risk Disclosure Guidance: What Does It Mean for Public Companies?

On February 21, the U.S. Securities and Exchange Commission (SEC) issued the long overdue cybersecurity interpretive guidance to address the methods and timing of cybersecurity risk and incident disclosures. To signify the importance of this updated guidance, five SEC commissioners issued the...

The Coalfire Blog
added 2018/02/27 8:29 p.m.

NIST SP 800-171: What U.S. Government Contractors Need to Know

In December 2016, NIST released Special Publication 800-171, Revision 1: Protecting Controlled Unclassified Information in Nonfederal Systems. Since that publication, I have worked with dozens of government contractors to help them understand this publication and determine if and how it applies t...

The Coalfire Blog
added 2018/02/21 11:39 p.m.

The HITRUST CSF Version 9.1 Release – How It Could Apply to Your Organization

If you're familiar with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), then you're likely aware that HITRUST revises the CSF requirements twice annually to account for new regulations, technologies, and business models affecting the security of Protected Health...

The Coalfire Blog
added 2018/02/15 8:34 p.m.

Cyber Engineering for 2018 and Beyond

2017 could be considered one of the most exciting or horrifying years in the technology industry. End-of-year statistics showed that the number of reported breaches in the business sector saw a 21% increase over the previous year, and headlines from all major news outlets were riddled with report...

The Coalfire Blog
added 2018/02/06 7:42 p.m.

Introducing Red Baron - Automate the Creation of Resilient, Disposable, Secure, and Agile Infrastructure for Red Teams

The need to automate the creation of disposable red-team infrastructure is key to providing effective adversary simulations. As Coalfire Labs continued to grow, our team needed a system to quickly configure and spin up C2 and/or phishing infrastructure, run multiple campaigns at the same time, an...

The Coalfire Blog
added 2018/01/26 7:03 p.m.

The Archimedes Medical Device Security 101 Conference - A Secure Forum for Security Issues

The University of Michigan's Archimedes Center for Medical Device Security hosted its second annual MDS 101 conference in Orlando this month. The conference provides a secure forum for attendees to speak freely about cybersecurity issues with respected professionals who can help establish best...

The Coalfire Blog
added 2018/01/16 6:11 p.m.

Has Your O365 Account Been Hacked?

In the past six months, Coalfire has seen an increase in businesses receiving fraudulent emails from legitimate client accounts with fraudulent invoice attachments. In several cases, the recipient paid the invoices not realizing they were fraudulent. The losses have ranged between thousands and...

The Coalfire Blog
added 2018/01/05 9:18 p.m.

The Spectre of Chips on Meltdown

The news is rife with emerging details of Intel and other chip vulnerabilities and the hardware bugs that can potentially exploit them. While details are still developing and will likely continue to be uncovered in the days, weeks, and even months ahead, we will explore what is known to date...

The Coalfire Blog
added 2018/01/02 10:41 p.m.

Healthcare Security Pros Prioritize Sharing and Caring in the Wild, Wild West of Healthcare

Security professionals from healthcare delivery organizations (HDOs), medical device manufacturers, and pharmaceutical companies gathered in Scottsdale, Arizona for the NH-ISAC Cyber Rodeo Summit last month. The big topics were how to share more threat intelligence, while at the same time ensuring...

The Coalfire Blog
added 2017/12/19 8:25 p.m.

Look Out! Risk Is on the Move, According to IoT Thought Leaders from Across the Globe

The IoT Security Summit 2017 in New York City in late October and the Security of Things World USA 2017 in San Diego last month were both packed with thought leaders from all parts of the IoT ecosystem: device manufacturers, telecom carriers, cloud providers, and early-adopter end users from...

The Coalfire Blog
added 2017/12/18 9:23 p.m.

Black Hat Europe puts cybersecurity on the C-Suite Agenda

Black Hat is renowned for being one of the biggest, most technical security conferences in the world, operating in the USA, Europe and Asia. 2017 marks Europe's first Black Hat Executive Summit, a format well received by senior executives as a way to openly discuss cyber security concerns and...

The Coalfire Blog
added 2017/12/15 12:00 a.m.

Cybersecurity Incident Response: Three Lessons from Uber’s Story

The recent news regarding the Uber breach has captured the attention of both the public and legislators. It seems that Uber's security team discovered a breach, paid a ransom, and didn't report the matter to company leaders, law enforcement, personnel, or customers...
