The Dangers of Legacy Protocols
How poisoning legacy broadcast name resolution protocols led to domain compromise
In a recent client engagement, the HALOCK Security Team identified a significant yet common weakness in a client’s Windows environment: a reliance on legacy protocols, specifically Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS). While Windows hosts typically use DNS to resolve hostnames, they fall back on these older protocols when DNS is (more…)
A Threat Based Approach to Penetration Test Reporting
Understanding Access Control: Authentication vs. Authorization
This post will explore two essential components of Access Control for web applications and APIs: Authentication and Authorization. HALOCK Security Labs’ Pen Testing Team has discovered a significant amount of Authentication and Authorization related findings during web application and API penetration testing. While both these concepts are foundational in computing, they are often misunderstood or confused. Although the concepts themselves may seem straightforward, (more…)
Exploiting API Endpoints
Relying on frontend controls for access management can lead to attackers gaining excessive privileges.
HALOCK Security Labs Web Application Penetration Testing can fully identify and evaluate web application vulnerabilities. There are a variety of ways to exploit a web application to retrieve sensitive data. In a recent client engagement, HALOCK Security Team identified a critical vulnerability by exploiting (more…)
Abusing Default Credentials
Attackers can exploit default credentials to escalate privileges within systems, endangering sensitive assets.
Internal Network Penetration Testing is typically done by organizations for compliance reasons, either for HIPAA or for PCI DSS Compliance. But regardless of why most companies invest in it, it’s an essential part of ensuring that your security controls are being managed effectively, and (more…)
Weaponizing Legacy Software
Legacy software that uses web traffic can be used to blend in with other incoming and outgoing traffic.
There are a variety of ways to gain the access needed to remotely execute commands on a compromised machine. One way that HALOCK Security Team has been able to gain access during an Assumed Breach Penetration Test is by utilizing (more…)
6 Reasons Why Penetration Testing Is Important
Penetration testing evaluates how well your security infrastructure stands up to the efforts of malicious actors.
RANSOMWARE ON THE RISE (again)
The top 6 things you should do right now to prepare and defend against a ransomware attack.
Cyber Security Phishing Awareness Training
Phishing remains one of the most common corporate attack vectors, and with good reason. Phishing attacks are simple to create, easy to deploy and are often successful for cybercriminals.
Types Of Common Malware Attacks
Malware remains a massive security problem, costing companies billions each year to manage, mitigate and remediate. While the term itself is straightforward — malware refers to any software designed to cause harm on a system or device — there are a host of malware types and techniques used by attackers to circumvent defenses and compromise key systems.
(more…)
