Downloadable PDFs

News & Events


Kubernetes Hunting & Visibility 1280 905 Anton Ovrutsky

Kubernetes Hunting & Visibility

Intro Enterprise workloads are increasingly shifting to modern micro-service architectures. This shift can potentially mean that visibility, hunting, and defensive frameworks lag behind their traditional on-premises architectures and deployments. The aim of this post is to provide some examples of Kubernetes monitoring and hunting from a number of defensive areas and visibility vantage points. Setup…

read more
The Top 3 Security Program Tasks to Tackle in the New Year 1024 682 Andrew Hay

The Top 3 Security Program Tasks to Tackle in the New Year

In the spirit of the New Year, it’s time to reflect on the past and make measurable resolutions for the future. Many people use this time to focus on personal goals, but it’s also important to think about what you can do to improve the security of your business. If you’re looking for ways to…

read more
Why I Joined Lares – Darryl MacLeod 150 150 Darryl MacLeod

Why I Joined Lares – Darryl MacLeod

I’ve been active in the Atlantic Canadian information security community for well over a decade, both as a current board member of AtlSecCon and the former lead organizer of Security BSides Cape Breton. I believe that being involved in the information security community has led me to where I am today. I can still remember…

read more
Distractions, Dilution, & Permissive Infrastructures … (Chris Krebs, CyberWarCon 2021) 1080 720 Mark Arnold

Distractions, Dilution, & Permissive Infrastructures … (Chris Krebs, CyberWarCon 2021)

Chris Krebs Keynotes CyberWarCon 2021 In recent years ahead of Thanksgiving, I’ve made an effort to attend one of the newest CONs on the circuit and maybe now my favorite – CyberWarCon. Unfortunately, the protracted pandemic robbed us of an opportunity to meet in 2020, so I was especially amped that 2021 was a "go"…

read more
Sysmon for Linux Test Drive 1090 727 Anton Ovrutsky

Sysmon for Linux Test Drive

If you have been within planetary orbit of our Purple Team, you will know that we are huge fans of Sysmon. You can imagine our excitement when Microsoft announced that Sysmon would be coming to Linux a few months ago. Well, the wait is now over and Sysmon is available for download and use! Olaf…

read more
Upcoming Ransomware Webinar Series 2048 1152 Andrew Hay

Upcoming Ransomware Webinar Series

Lares would like to take this opportunity to invite you to a new series of webinars on ransomware. The most common tactics hackers use to carry out ransomware attacks are email phishing campaigns, RDP vulnerabilities, and software vulnerabilities according to the Cybersecurity & Infrastructure Security Agency (CISA). In 2021, ransomware remediation costs globally rose from…

read more
Detection and Mitigation Advice for PrintNightmare 2048 1365 Andy Gill

Detection and Mitigation Advice for PrintNightmare

Introduction PrintNightmare(CVE-2021-34527) was released as a proof of concept this week on Github. This post highlights how the exploit PoCs released on Github work and how the specific vulnerability can be fixed and detected. The vulnerability itself was found and published by Zhipeng Huo (@R3dF09), Piotr Madej, and Yunhai Zhang. Caveat: All of the understanding…

read more
What the White House Ransomware Memo Got Wrong 2048 1365 Andrew Hay

What the White House Ransomware Memo Got Wrong

On June 2nd, Anne Neuberg, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, released a memo with the subject: What We Urge You To Do To Protect Against The Threat of Ransomware. The most important aspect of the memo, and in our opinion one deserving of its own…

read more
Introducing Sysmon Config Pusher 1026 685 Anton Ovrutsky

Introducing Sysmon Config Pusher

Introducing Sysmon Config Pusher When providing various services to clients, including Purple, Blue, and Red Team engagements, the Lares team often recomends Sysmon to close detection gaps. Indeed, Sysmon is an incredible and freely available tool that enhances visibility across Windows systems and provides rich data and telemetry from which to build alerting, detections and…

read more
Social Profiling – OSINT for Red/Blue 1280 822 Andy Gill

Social Profiling – OSINT for Red/Blue

One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to more juicy enumeration. This post will give you a bit of an overview of key things to look for from an offensive standpoint and from a defensive…

read more



Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Email Us

©2019 Lares, LLC | All rights reserved.
Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.