Resources

Downloadable PDFs

Lares Continuous Defensive Improvement Through Adversarial Simulation and Collaboration corporate profile (image)

News & Events

Blog

WFH Lateral Movement TTPs 800 533 Anton Ovrutsky

WFH Lateral Movement TTPs

WFH Lateral Movement TTPs With the increase of remote working arrangements due to the ongoing pandemic, corporate endpoints are now located far beyond the standard corporate perimeter. This presents attackers with new attack paths that may not have been present behind well-secured corporate firewalls. With this in mind, the aim of this post is to…

read more
From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472) 2048 1365 Anton Ovrutsky

From Lares Labs: Defensive Guidance for ZeroLogon (CVE-2020-1472)

About Zerologon (CVE-2020-1472) On September 11th, 2020, Secura researcher Tom Tomvoort published a blog post outlining the Zerologon vulnerability. Microsoft’s August Patch Tuesday releases contained a patch for CVE-2020-1472 which can be exploited by attackers to hijack enterprise servers due to Netlogon cryptographic weaknesses. The vulnerability allows an attacker to set a password for the…

read more
School’s On(line) Kids – Is it Safe and Cybersecure? 2048 1446 Mark Arnold

School’s On(line) Kids – Is it Safe and Cybersecure?

School Days It’s Fall again and school is open (for most) in various modes of operation after several months of disruption due to COVID-19. Whether school districts offer in-person, virtual, or hybrid schooling models, many of them face challenges and are scrambling to meet and secure new technology demands. Some districts are more embattled than…

read more
Seeing Red 1638 2048 Mark Arnold

Seeing Red

Seeing Red Recently, I asked my Lares mates to comment on a red team (RT) architecture post I stumbled upon. A volley of responses ensued with the conclusion: “That’s a penetration testing platform – not full-scope”- and a non-committal “or maybe.” Our RT banter characterizes for the larger efforts to define RT. The red team…

read more
Time for Transition: From ACET to InTREx-CU 2048 1366 Mark Arnold

Time for Transition: From ACET to InTREx-CU

The Transition from ACET to InTREx-CU for Credit Union Examinations The National Credit Union Association (NCUA) Chairman Rodney Hood discussed changes to the credit union (CU) CyberSecurity and Technology examination program before Congress in early December 2019. Hood announced the adoption of the Information Technology Risk Examination (InTREx) solution to this end. InTREx is utilized…

read more
Security Program Components 101 1090 727 Andrew Hay

Security Program Components 101

The term “security program” means a lot of different things to a log of different people. To some, it’s just an acceptable use policy or password policy. To others, it’s the operationalization of security controls (e.g. firewalls, endpoint security, 2FA, etc.). To others still, it’s the measurement of how many alerts were triaged by the…

read more
Upcoming Webinar – Defensive Strategies: The Power of Visibility 1090 728 Andrew Hay

Upcoming Webinar – Defensive Strategies: The Power of Visibility

Defensive Strategies: The Power of Visibility When: Wednesday, July 29, 2020 @ 12pm ET About the Webinar: Security programs are struggling with noise. What is legitimate and what is suspicious? Attackers use that to their advantage to hide and move around inside your environment. Offense should inform defense but is that truly happening? The attack…

read more
Hunt Fast: Splunk and tstats 1090 818 Anton Ovrutsky

Hunt Fast: Splunk and tstats

Intro One of the aspects of defending enterprises that humbles me the most is scale. Enabling different logging and sending those logs to some kind of centralized SIEM device sounds relatively straight forward at a high-level, but dealing with tens or even hundreds of thousands of endpoints presents us with huge challenges. In this post,…

read more
Credit Union Morning Coffee – Week of July 6, 2020 1328 740 Andrew Hay

Credit Union Morning Coffee – Week of July 6, 2020

Welcome to the Lares Credit Union Solutions Credit Union Morning Coffee informative video for the week of July 6, 2020. This video provides Credit Union executives, IT staff, and security analysts with the news they need to begin their week over their first cup of coffee on Monday morning – all in about 60 seconds.…

read more
Credit Union Morning Coffee – Week of June 29, 2020 1328 740 Andrew Hay

Credit Union Morning Coffee – Week of June 29, 2020

Welcome to the Lares Credit Union Solutions Credit Union Morning Coffee informative video for the week of June 29, 2020. This video provides Credit Union executives, IT staff, and security analysts with the news they need to begin their week over their first cup of coffee on Monday morning – all in about 60 seconds.…

read more

Webcasts

Videos

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Call Us

(720) 600-0329

Email Us

sales@lares.com

©2019 Lares, LLC | All rights reserved.
Enter your
text here
    Privacy Preferences

    When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

    Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.