Research

Introducing the Top 5 Insider Threat Findings of 2022 Report

Andrew Hay
Lares analyzed the similarities between hundreds of insider threat engagements in 2022. Here is what we found.

Introducing the Top 5 CISO Findings of 2022 Report

Andrew Hay
Lares has analyzed the similarities between hundreds of purple team engagements in 2022. Here is what we found.

Introducing the Top 5 Purple Team Findings of 2022 Report

Andrew Hay
Lares has analyzed the similarities between hundreds of purple team engagements in 2022. Here is what we found.

Introducing the Top 5 Penetration Test Findings of 2022 Report

Andrew Hay
Lares has analyzed the similarities between hundreds of penetration tests in 2022. Here is what we found.

Push Fatigue: We’re tired too

Alex Kozlov
A technique known as “MFA bombing” allows attackers to bypass Multi-Factor Authentication. This post explains how to detect it.

The Lowdown on Lateral Movement

Anton Ovrutsky

What Is Lateral Movement? Lateral movement is a broad MITRE ATT&CK category, consisting of nine distinct techniques and numerous sub-techniques. Due to its breadth and linkages between other…

Detection and Mitigation Advice for PrintNightmare

Andy Gill

Introduction PrintNightmare (CVE-2021-34527) was released as a proof of concept this week on GitHub. This post highlights how the exploit PoCs released on GitHub work and how the specific vulnerability can…

Introducing Sysmon Config Pusher

Anton Ovrutsky

When providing various services to clients, including Purple, Blue, and Red Team engagements, the Lares team often recommends Sysmon to close detection gaps. Indeed, Sysmon is…

Active Directory (AD) Attacks & Enumeration at the Network Layer

Anton Ovrutsky

Intro Defending an Active Directory environment, particularly a large one, is a daunting task. Telemetry generated by Active Directory itself as well as the hosts connected to it are critical…

Malicious Azure AD Application Registrations

Lee Kagan

Background It’s important I point out upfront that nothing I am demonstrating I can take credit for. Evidence of this used in the wild was talked about as mentioned here…

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus


©2024 Lares, a Damovo Company | All rights reserved.