Research

Malicious Azure AD Application Registrations

Malicious Azure AD Application Registrations 1090 726 Lee Kagan

Background It’s important I point out upfront that nothing I am demonstrating I can take credit for. Evidence of this used in the wild was talked about as mentioned here…

read more

Lares Contributes to the Verizon DBIR

Lares Contributes to the Verizon DBIR 833 833 Andrew Hay

Another year has passed and that means that it’s time for the annual Verizon Data Breach Investigations Report (DBIR). In its 13th year, the DBIR provides data from real-world breaches…

read more

Upcoming Webinar: Purple Teaming with ATT&CK

Upcoming Webinar: Purple Teaming with ATT&CK 300 300 Andrew Hay

  Join us on May 6th to learn how can teams come together on both offense and defense to outmatch the highest priority threats. This open and frank discussion featuring…

read more

The Top 10 Penetration Test Findings from 2019 with Eric Smith and Tim McGuffin

The Top 10 Penetration Test Findings from 2019 with Eric Smith and Tim McGuffin 1080 720 Andrew Hay

Lares® encounters a seemingly endless number of vulnerabilities and attack vectors when we conduct a penetration test or red team engagement, regardless of organization size or maturity. Though not every…

read more

Hunting Azure Admins for Vertical Escalation: Part 2

Hunting Azure Admins for Vertical Escalation: Part 2 1360 1068 RJ McDown

  This post is part 2 in the Hunting Azure Admins for Vertical Escalation series. Part 1 of this series detailed the usage and functionality of Azure authentication tokens, file…

read more

Hunting Azure Admins for Vertical Escalation

Hunting Azure Admins for Vertical Escalation 2048 1402 Lee Kagan

In this post, we will look at a rather simple, but important procedure when attacking organizations that leverage cloud providers such as Microsoft Azure. There is a lot of excellent…

read more

Use-After-Free (UAF) Vulnerability CVE-2019-1199 in Microsoft Outlook

Use-After-Free (UAF) Vulnerability CVE-2019-1199 in Microsoft Outlook 2048 1536 RJ McDown

Overview R.J. McDown (@BeetleChunks) of the Lares® Research and Development Team discovered a Critical Remote Code Execution vulnerability in the latest version of Microsoft Outlook. R.J. and the Lares R&D…

read more

Announcing The Lares Top 5 Penetration Test Findings For 1H 2019

Announcing The Lares Top 5 Penetration Test Findings For 1H 2019 683 402 Andrew Hay

Lares® is pleased to announce its inaugural Top 5 Penetration Test Findings Report for the first half of 2019 (1H2019). Lares encounters a seemingly endless number of vulnerabilities when we…

read more

Abusing Common Cluster Configuration for Privileged Lateral Movement

Abusing Common Cluster Configuration for Privileged Lateral Movement 2048 1365 Tim McGuffin

Tech sites have published articles that walk a Windows Systems Administrator through the process of adding a machine account to the Local Administrators group on another machine.  

read more

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

©2019 Lares, LLC | All rights reserved.
    Privacy Preferences

    When you visit our website, it may store information through your browser from specific services, usually in the form of cookies.Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

    Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.