Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Defense

Make Logging Great Again (MLGA)

Ok so i’ve been showing how alot of things do NOT get audited in Windows out of the box (on Twitter obviously) so I thought I’d export the CSV which you can import to enable some of the advanced logging features into a GPO without so many clicks (RSA sucks!)

So here is a CSV file that you can use to import! this isn’t everything you need to do, but it’s a start!

Read more “Make Logging Great Again (MLGA)” →
Defense

CVE-2020-27130 – Path Traversal on CISCO Security Manager

CVSS 9.1 – CWE-35

“A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information.

The vulnerability is due to improper validation of directory traversal character sequences within requests to an affected device. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to download arbitrary files from the affected device.”

On the 16/11/2020 a POC for a range of CISCO device vulnerabilities was released on GitHub by https://twitter.com/frycos.

Read more “CVE-2020-27130 – Path Traversal on CISCO Security Manager” →
Defense

Secure Remote Access VPN

If your VPN can be brute forced, I hate to break it to you, but it’s got a bit of a design/implementation problem! Now I’m not going to go into VPN RCE’s (we’ve seen a lot of them in recent times) but let’s look at what we can do to protect our remote access services! Read more “Secure Remote Access VPN” →

Defense

Modern Windows Device Security Assurance

Imagine the scenario… your environment is fully cloud based. there are no domain controllers, you have no “corporate” network and every device is an island. Here we are going to explore what that world might look like from a security pov. This is the modern Windows environment.

  • Devices are enrolled to Azure AD
  • Devices are managed by Intune
  • Office 365 is deployed in cloud only mode

As a security professional on either the offensive of defensive side you have a new landscape to deal with. No longer are you running responder and moving latterly via WMI/RPC, PowerShell or RDP, because well there isn’t a ‘network’ per say. Read more “Modern Windows Device Security Assurance” →

Recent Posts

  • Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
  • The Long Game: Persistent Hash Theft
  • The Hacker on a Train
  • Adopting an Attacker Mindset to Defend Healthcare
  • Caught: A Hacker Adventure

Recent Comments

No comments to show.

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited