Resources

Downloadable PDFs

News & Events

Blog

The Top 10 Penetration Test Findings from 2019 with Eric Smith and Tim McGuffin 1080 720 Andrew Hay

The Top 10 Penetration Test Findings from 2019 with Eric Smith and Tim McGuffin

Lares® encounters a seemingly endless number of vulnerabilities and attack vectors when we conduct a penetration test or red team engagement, regardless of organization size or maturity. Though not every engagement is identical, we have analyzed the similarities between hundreds of engagements throughout 2019. Join Eric Smith and Tim McGuffin as they discuss the most…

read more
Hunting Azure Admins for Vertical Escalation: Part 2 1360 1068 RJ McDown

Hunting Azure Admins for Vertical Escalation: Part 2

  This post is part 2 in the Hunting Azure Admins for Vertical Escalation series. Part 1 of this series detailed the usage and functionality of Azure authentication tokens, file locations that cache the tokens during a user session (“%USERPROFILE%\.Azure\TokenCache.dat”), methods for locating user exported Azure context files containing tokens, and leveraging them to bypass…

read more
Your Assistance Is Needed: Defeating Disinformation 1080 1440 Mark Arnold

Your Assistance Is Needed: Defeating Disinformation

Follow Up: Tricks, Trolls, and Securing the Home Worker In our recent blog about securing home workers, we drew attention to the impact of social engineering and the spread of disinformation campaigns targeting teleworkers. The barrage of information has made it nearly impossible to find needles of truth in haystacks of fake news. While more…

read more
Tricks, Trolls & (Securing) the Home-Based Staffer 1080 798 Mark Arnold

Tricks, Trolls & (Securing) the Home-Based Staffer

By now, you are most likely working from home for purposes of social distancing. Call it whatever you will, ‘shelter in place,’ ‘hunkering down,’ or ‘self-quarantine,’ we have all been forced to settle into our new work-from-home (WFH) normal. Unfortunately, this great migration homeward is fueling social engineering and manipulation. Predictably, the scramble to set…

read more
Announcing Lares Office Hours 1080 721 Andrew Hay

Announcing Lares Office Hours

In-person office hours are important for learning and engagement, yet risk serving only people who live close to one another and have flexible schedules. Many people have family responsibilities and (usually) long commutes to work. To provide the industry with greater access, while using everyone’s time more efficiently, we’re going to start offering free Lares…

read more
Credit Union Morning Coffee – Week of March 23, 2020 1328 740 Andrew Hay

Credit Union Morning Coffee – Week of March 23, 2020

Welcome to the Lares Credit Union Solutions Credit Union Morning Coffee informative video for the week of March 23, 2020. This video provides Credit Union executives, IT staff, and security analysts with the news they need to begin their week over their first cup of coffee on Monday morning – all in about 60 seconds.…

read more
Pandemics Bring Out The Worst Kind of Internet Pariah 387 387 Mark Arnold

Pandemics Bring Out The Worst Kind of Internet Pariah

Zoombombing is one of the latest digital shenanigans to surface during the current COVID-19 crisis to abuse video conferencing users. With the increased reliance on video conferencing platforms due to spikes in ‘work from home’ mandates, it was only a matter of time before bad actors would find a way to disrupt home-based staffers. Because…

read more
Questions With Andrew: What is Ransomware? 1438 769 Andrew Hay

Questions With Andrew: What is Ransomware?

https://www.lares.com/wp-content/uploads/2020/03/Andrew_Sitting.mp4

read more
Credit Union Morning Coffee – Week of March 16, 2020 1328 740 Andrew Hay

Credit Union Morning Coffee – Week of March 16, 2020

Welcome to the Lares Credit Union Solutions Credit Union Morning Coffee informative video for the week of March 16, 2020. This video provides Credit Union executives, IT staff, and security analysts with the news they need to begin their week over their first cup of coffee on Monday morning – all in about 60 seconds.…

read more
Hunting Azure Admins for Vertical Escalation 2048 1402 Lee Kagan

Hunting Azure Admins for Vertical Escalation

In this post, we will look at a rather simple, but important procedure when attacking organizations that leverage cloud providers such as Microsoft Azure. There is a lot of excellent public research on attacking Azure, however, most research tends to focus on tactics that assume you have first obtained some form of access, such as…

read more

Webcasts

Videos

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

©2019 Lares, LLC | All rights reserved.
    Privacy Preferences

    When you visit our website, it may store information through your browser from specific services, usually in the form of cookies.Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

    Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.