Security Risk Advisors

Blog

The Way It Was

The concept of purple teaming is not new.  We’ve been doing it for years; it was just disjointed and we didn’t call it “purple” or “red and blue”.  Instead, the red team “broke in” (usually walked in), perused the aisles, took what they… Continue Reading

Getting the GAL

August 24, 2016 | Posted in Red Teams by Barrett Adams

Background

One of the staples of any external penetration test is a single-password brute force attack against single-factor remote access portals. To start, we gather a list of likely usernames or emails (whatever the targeted portal requires) and us… Continue Reading

SEP USB Device Control - The Cheetah and The Hare

June 29, 2016 | Posted in Purple Teams by Chris Myers

About a year ago, we were performing a laptop hardening and configuration review at one of our financial services clients using Symantec Endpoint Protection’s (SEP) USB Device Control as part of their Data Loss Prevention solution. One way SEP keeps … Continue Reading

What is Whaling?

Spear phishing continues to be a trend amongst attackers as one of the easier ways into a company’s environment as it only takes a single user to take the bait. This can be especially troublesome when attackers begin to target high va… Continue Reading

One of the most pressing internal network security issues is limiting the ability of an attacker to perform privilege escalation. In my experience, once administrative level access is obtained to a Windows system it is trivial for an attacker to dump… Continue Reading