I’m bringing relaying back: A comprehensive guide on relaying anno 2022

For years now, Internal Penetration Testing teams have been successful in obtaining a foothold or even compromising entire domains through a technique called NTLM relaying. The earliest, most descriptive relaying blog post I could find dates all the way back to 2017 written by Marcello, better known as byt3bl33d3r: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html At the time of writing this…

The post I’m bringing relaying back: A comprehensive guide on relaying anno 2022 appeared first on TrustedSec.

SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems

1.1 Intro: I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems. My work wasn’t directly with the phone systems, but it was usually in an adjacent field like route/switch and security. I did, however, get to see my share of networks that used Cisco phone systems. Today,…

The post SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems appeared first on TrustedSec.

Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC

I briefly mentioned using DKIM to verify an email’s sender in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into how organizations can help stop email spoofing using a combination of three…

The post Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC appeared first on TrustedSec.

Real or Fake? How to Spoof Email

I briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into why email sender addresses are so easy to forge and…

The post Real or Fake? How to Spoof Email appeared first on TrustedSec.

Log4j Detection and Response Playbook

On December 09, 2021, a severe vulnerability for Apache Log4j was released (CVE-2021-44228). This vulnerability, also known as Log4Shell, allows remote code execution in many applications through web requests and without authentication. Almost immediately, many attackers on the Internet began to scan and exploit this vulnerability. This is meant to provide guidelines and recommendations on…

The post Log4j Detection and Response Playbook appeared first on TrustedSec.

Hacking the My Arcade Contra Pocket Player – Part I

Intro: I was at my local Target recently and spotted the section near the video games, where there were some little collectable arcade systems and handhelds that play games like Pac-Man, Galaga, and Contra. Whenever I see these types of systems, I like to pick one up to tear it apart and see what’s inside….

The post Hacking the My Arcade Contra Pocket Player – Part I appeared first on TrustedSec.

How we’re making sense of CMMC 2.0

On November 5, 2021, the Office of the Secretary for the Department of Defense produced a document outlining updates for the Cybersecurity Maturity Model Certification (CMMC) program. We’ve been following the program since its inception, and we were eager to find out what’s coming next. In short, some of the changes help reduce the burden…

The post How we’re making sense of CMMC 2.0 appeared first on TrustedSec.

Persistence Through Service Workers—Part 2: C2 Setup and Use

In Part 1 of this 2-part blog, we provided an overview of service workers and created an appropriate target application to exploit using Shadow Workers. In this blog post we’ll build our C2 server in Digital Ocean and use Shadow Workers to exploit the target application. It is highly recommended to read Part 1 prior…

The post Persistence Through Service Workers—Part 2: C2 Setup and Use appeared first on TrustedSec.

Persistence Through Service Workers—Part 1: Introduction and Target Application Setup

During a recent discussion about achieving persistence on a web server, someone suggested that I explore using browser service workers. As I began reading about what service workers do, the possibilities for Red Team applications seemed intriguing. But first, I had to find out…what exactly is a service worker? In their efforts to make web…

The post Persistence Through Service Workers—Part 1: Introduction and Target Application Setup appeared first on TrustedSec.

Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do?

All businesses operate on the principle that a certain level of trust is necessary between the business itself and the IT components that comprise its supporting infrastructure. These components include hardware and software, as well as the vendors who provide services to the infrastructure. Securing a business supply chain is a big challenge, not only…

The post Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do? appeared first on TrustedSec.
