microsoft

How I Compromised Your Complex Password from The Internet

How I Compromised Your Complex Password from The Internet 1090 204 Ben Goodman

How I Compromised Your Complex Password from The Internet One of an attacker’s first goals is to gain a foothold in a target environment. The role or permissions of an…

read more

Active Directory (AD) Attacks & Enumeration at the Network Layer

Active Directory (AD) Attacks & Enumeration at the Network Layer 2048 1365 Anton Ovrutsky

Intro Defending an Active Directory environment, particularly a large one, is a daunting task. Telemetry generated by Active Directory itself as well as the hosts connected to it are critical…

read more

From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472)

From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472) 2048 1365 Anton Ovrutsky

About Zerologon (CVE-2020-1472) On September 11th, 2020, Secura researcher Tom Tomvoort published a blog post outlining the Zerologon vulnerability. Microsoft’s August Patch Tuesday releases contained a patch for CVE-2020-1472 which…

read more

Hunting Azure Admins for Vertical Escalation: Part 2

Hunting Azure Admins for Vertical Escalation: Part 2 1360 1068 Andrew Hay

  This post is part 2 in the Hunting Azure Admins for Vertical Escalation series. Part 1 of this series detailed the usage and functionality of Azure authentication tokens, file…

read more

Hunting Azure Admins for Vertical Escalation

Hunting Azure Admins for Vertical Escalation 2048 1402 Lee Kagan

In this post, we will look at a rather simple, but important procedure when attacking organizations that leverage cloud providers such as Microsoft Azure. There is a lot of excellent…

read more

Use-After-Free (UAF) Vulnerability CVE-2019-1199 in Microsoft Outlook

Use-After-Free (UAF) Vulnerability CVE-2019-1199 in Microsoft Outlook 2048 1536 Andrew Hay

Overview R.J. McDown (@BeetleChunks) of the Lares® Research and Development Team discovered a Critical Remote Code Execution vulnerability in the latest version of Microsoft Outlook. R.J. and the Lares R&D…

read more

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Email Us

©2024 Lares, a Damovo Company | All rights reserved.

Error: Contact form not found.

Error: Contact form not found.

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.