Lares® encounters a seemingly endless number of vulnerabilities and attack vectors when we conduct a penetration test or red team engagement, regardless of organization size or maturity. Though not every…
read moreThis post is part 2 in the Hunting Azure Admins for Vertical Escalation series. Part 1 of this series detailed the usage and functionality of Azure authentication tokens, file…
read moreFollow Up: Tricks, Trolls, and Securing the Home Worker In our recent blog about securing home workers, we drew attention to the impact of social engineering and the spread of…
read moreBy now, you are most likely working from home for purposes of social distancing. Call it whatever you will, ‘shelter in place,’ ‘hunkering down,’ or ‘self-quarantine,’ we have all been…
read moreIn-person office hours are important for learning and engagement, yet risk serving only people who live close to one another and have flexible schedules. Many people have family responsibilities and…
read moreZoombombing is one of the latest digital shenanigans to surface during the current COVID-19 crisis to abuse video conferencing users. With the increased reliance on video conferencing platforms due to…
read morehttps://www.lares.com/wp-content/uploads/2020/03/Andrew_Sitting.mp4
read moreIn this post, we will look at a rather simple, but important procedure when attacking organizations that leverage cloud providers such as Microsoft Azure. There is a lot of excellent…
read moreWeek 1. Lares. Some months back, when Andrew Hay decided to join forces with Lares founders Chris Nickerson and Eric Smith, the security community cheered the move from the sidelines,…
read moreOn January 7, 2020 the National Credit Union Administration issued its yearly supervisory priorities and Information Systems and Assurance (Cybersecurity) received some renewed focus. According to the National Association of…
read more