Sometimes, the good old credential dumping techniques just won't work. This is the story of how a bad actor could dump credentials on a fully-patched,…

The anonymous data on our cases allows us to answer the question "What is a typical DFIR case at Compass Security?" and we conclude it's the analysis,…

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their…

Nowadays, more and more security tools are used to monitor and generate alerts from different sources (EDR, Proxy, etc.). These alerts often contain…

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since…