Mitigating Against the Shadow Broker Exploit Dump

April 17th, 2017 by Jim Daniel

On Friday, April 14, a group called “Shadow Brokers” released multiple exploits and tools, purported to be from the NSA, entitled “Fifth Leak: Lost in Translation”. Over the holiday weekend, the Critical Start research team and the greater InfoSec community went through and analyzed many of the tools. Affected Systems: The tools are primarily comprised […]

Threat Intelligence?

April 8th, 2017 by Randy Watkins

by Randy Watkins | Director, Security Architecture. With the uptick in Cyber Crime, security professionals are looking for methods to gain an edge. Many security professionals are attempting to gain this edge using detection technologies like Intrusion Prevention Systems (IPS), or logging solutions like System Information and Events Monitors (SIEMs) and Endpoint Detection and […]

Hijacking the CEO’s Email Account

October 13th, 2016 by Jim Daniel

Why Security Teams Need a Second Set of Eyes: During a recent penetration test, I hijacked the client’s email server, posed as the client CEO, and sent a fraudulent email to the client CFO asking the CFO to wire $10,000 USD to an offshore bank account. Interestingly, after receiving a string of actual malicious phishing […]

On the Reliance of Client Side Security

September 22nd, 2016 by Jim Daniel

I recently conducted a penetration test of a web application. Because of design decisions, I was able to bypass CAPTCHA to brute force user accounts and, ultimately, bypass file upload restrictions to upload malware onto the web server and into the internal network environment. The owner had taken a healthy view of security, had conducted […]

Picking the Right Silver Bullet

May 15th, 2016 by Randy Watkins

With the current state of cyber security, the market has become inundated with “solutions”. When every manufacturer is selling hammers, then all problems look like a nail. Security personnel are expected to evaluate solutions, while still trying to find time for operational tasks. After the media fills executives’ minds with the latest security buzzwords, […]

What Are the Mistakes That Get Hackers Arrested?

April 29th, 2016 by Rob Davis

At Critical Start we use a concept called the Defendable Network and map organizations to SecCon levels designed to give companies a chance against threat actors of varying skill levels. We group threat actor skill levels into: Untrained Attacker (just gets lucky), Novice Attacker, Intermediate (using automated tools mostly), Advanced Expert. Phineas Fisher is a Blackhat hacker and […]
