lares

Introducing the Top 5 Purple Team Findings of 2022 Report
Introducing the Top 5 Purple Team Findings of 2022 Report 800 509 Andrew Hay
Lares has analyzed the similarities between hundreds of purple team engagements in 2022. Here is what we found. read more

Introducing the Top 5 Penetration Test Findings of 2022 Report
Introducing the Top 5 Penetration Test Findings of 2022 Report 1600 1604 Andrew Hay
Lares has analyzed the similarities between hundreds of penetration tests in 2022. Here is what we found. read more

Push Fatigue: We’re tired too
Push Fatigue: We’re tired too 640 450 Alex Kozlov
A technique known as “MFA bombing” allows attackers to bypass Multi-Factor Authentication. This post explains how to detect it. read more

How I Compromised Your Complex Password from The Internet
How I Compromised Your Complex Password from The Internet 1090 204 Ben Goodman

How I Compromised Your Complex Password from The Internet One of an attacker’s first goals is to gain a foothold in a target environment. The role or permissions of an…

read more

Kubernetes Hunting & Visibility
Kubernetes Hunting & Visibility 1280 905 Anton Ovrutsky

Intro Enterprise workloads are increasingly shifting to modern micro-service architectures. This shift can potentially mean that visibility, hunting, and defensive frameworks lag behind their traditional on-premises architectures and deployments. The…

read more

The Top 3 Security Program Tasks to Tackle in the New Year
The Top 3 Security Program Tasks to Tackle in the New Year 1024 682 Andrew Hay

In the spirit of the New Year, it’s time to reflect on the past and make measurable resolutions for the future. Many people use this time to focus on personal…

read more

Sysmon for Linux Test Drive
Sysmon for Linux Test Drive 1090 727 Anton Ovrutsky

If you have been within planetary orbit of our Purple Team, you will know that we are huge fans of Sysmon. You can imagine our excitement when Microsoft announced that…

read more

Detection and Mitigation Advice for PrintNightmare
Detection and Mitigation Advice for PrintNightmare 2048 1365 Andy Gill

Introduction PrintNightmare(CVE-2021-34527) was released as a proof of concept this week on Github. This post highlights how the exploit PoCs released on Github work and how the specific vulnerability can…

read more

Introducing Sysmon Config Pusher
Introducing Sysmon Config Pusher 1026 685 Anton Ovrutsky

Introducing Sysmon Config Pusher When providing various services to clients, including Purple, Blue, and Red Team engagements, the Lares team often recomends Sysmon to close detection gaps. Indeed, Sysmon is…

read more

Social Profiling – OSINT for Red/Blue
Social Profiling – OSINT for Red/Blue 1280 822 Andy Gill

One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to more juicy…

read more

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Call Us

(720) 600-0329

Email Us

sales@lares.com

©2025 Lares, a Damovo Company | All rights reserved.
Enter your
text here