Resources

Downloadable PDFs

News & Events

Blog

The CIS Telework Security Guide 2048 1365 Mark Arnold

The CIS Telework Security Guide

CIS Telework Guidance The folks over at the Center for Internet Security, whose core mention is to secure online experiences, have authored security guidance for teleworkers. The CIS recently released a whitepaper on securing the remote network, a Telework Security Guide (TSG). Given the dizzying array of remote work jargon out there, the CIS TSG…

read more
Security and Converged Workspaces 2048 1365 Mark Arnold

Security and Converged Workspaces

The Forcibly Converged Network The convergence of home and corporate networks continues unabated. Converged workspaces are here to stay for the foreseeable future. Most converged networks that we assess are flat, like many corporate networks. However, the comparisons abruptly end there. Unlike corporate networks, converged networks lack common controls and typically lack monitoring of internal…

read more
WFH Lateral Movement TTPs 800 533 Anton Ovrutsky

WFH Lateral Movement TTPs

WFH Lateral Movement TTPs With the increase of remote working arrangements due to the ongoing pandemic, corporate endpoints are now located far beyond the standard corporate perimeter. This presents attackers with new attack paths that may not have been present behind well-secured corporate firewalls. With this in mind, the aim of this post is to…

read more
From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472) 2048 1365 Anton Ovrutsky

From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472)

About Zerologon (CVE-2020-1472) On September 11th, 2020, Secura researcher Tom Tomvoort published a blog post outlining the Zerologon vulnerability. Microsoft’s August Patch Tuesday releases contained a patch for CVE-2020-1472 which can be exploited by attackers to hijack enterprise servers due to Netlogon cryptographic weaknesses. The vulnerability allows an attacker to set a password for the…

read more
School’s On(line) Kids – Is it Safe and Cybersecure? 2048 1446 Mark Arnold

School’s On(line) Kids – Is it Safe and Cybersecure?

School Days It’s Fall again and school is open (for most) in various modes of operation after several months of disruption due to COVID-19. Whether school districts offer in-person, virtual, or hybrid schooling models, many of them face challenges and are scrambling to meet and secure new technology demands. Some districts are more embattled than…

read more
Seeing Red 1638 2048 Mark Arnold

Seeing Red

Seeing Red Recently, I asked my Lares mates to comment on a red team (RT) architecture post I stumbled upon. A volley of responses ensued with the conclusion: “That’s a penetration testing platform – not full-scope”- and a non-committal “or maybe.” Our RT banter characterizes for the larger efforts to define RT. The red team…

read more
Time for Transition: From ACET to InTREx-CU 2048 1366 Mark Arnold

Time for Transition: From ACET to InTREx-CU

The Transition from ACET to InTREx-CU for Credit Union Examinations The National Credit Union Association (NCUA) Chairman Rodney Hood discussed changes to the credit union (CU) CyberSecurity and Technology examination program before Congress in early December 2019. Hood announced the adoption of the Information Technology Risk Examination (InTREx) solution to this end. InTREx is utilized…

read more
Security Program Components 101 1090 727 Andrew Hay

Security Program Components 101

The term “security program” means a lot of different things to a log of different people. To some, it’s just an acceptable use policy or password policy. To others, it’s the operationalization of security controls (e.g. firewalls, endpoint security, 2FA, etc.). To others still, it’s the measurement of how many alerts were triaged by the…

read more
Upcoming Webinar – Defensive Strategies: The Power of Visibility 1090 728 Andrew Hay

Upcoming Webinar – Defensive Strategies: The Power of Visibility

Defensive Strategies: The Power of Visibility When: Wednesday, July 29, 2020 @ 12pm ET About the Webinar: Security programs are struggling with noise. What is legitimate and what is suspicious? Attackers use that to their advantage to hide and move around inside your environment. Offense should inform defense but is that truly happening? The attack…

read more
Hunt Fast: Splunk and tstats 1090 818 Anton Ovrutsky

Hunt Fast: Splunk and tstats

Intro One of the aspects of defending enterprises that humbles me the most is scale. Enabling different logging and sending those logs to some kind of centralized SIEM device sounds relatively straight forward at a high-level, but dealing with tens or even hundreds of thousands of endpoints presents us with huge challenges. In this post,…

read more

Webcasts

Videos

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

©2019 Lares, LLC | All rights reserved.
    Privacy Preferences

    When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

    Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.