Does your cybersecurity start at the heart?
Get a highly customized data risk assessment run by engineers who are obsessed with data security.
IT Pros
Articles
Inside Out Security Blog
Explore by topic:
Windows Defender Turned Off by Group Policy [Solved]
Picture this scenario: You log into your computer on any random Thursday, and Windows Defender won’t start. You manually kick it off, and you get the message “Windows Defender is...
What is a Domain Controller, When is it Needed + Set Up
A domain controller is a server that responds to authentication requests and verifies users on computer networks. Domains are a hierarchical way of organizing users and computers that work together...
CEO vs. CISO Mindsets, Part III: Value at Risk For CISOs
To convince CEOs and CFOs to invest in data security software, CSOs have to speak their language. As I started describing in the previous post, corporate decision makers spend part...
Koadic: Security Defense in the Age of LoL Malware, Part IV
One of the advantages of examining the gears inside Koadic is that you gain low-level knowledge into how real-world attacks are accomplished. Pen testing tools allow you to explore how...
Master Fileless Malware Penetration Testing!
Our five-part series brings you up to speed on stealthy techniques used by hackers. Learn how to sneakily run scripts with mshta, rundll32, and regsrvr32, scary Windows binaries that live...
What is SAML and How Does it Work?
Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). What that jargon means is that you can...
Koadic: Pen Testing, Pivoting, & JavaScripting, Part II
Mshta and rundll32, the Windows binaries that Koadic leverages, have been long known to hackers. If you take a peek at Mitre’s ATT&CK database, you’ll see that rundll32 has been...
CISM vs. CISSP Certification: Which One is Best for You?
It’s a perfect time to be CISM or CISSP certified, or have any cybersecurity certification: according to Gartner, the unemployment rate for cybersecurity professionals is zero – as in there...
Koadic: LoL Malware Meets Python-Based Command and Control (C2) Server, Part I
In my epic series on Windows binaries that have dual uses– talkin’ to you rundll32 and mshta — I showed how hackers can stealthy download and launch remote script-based malware....
The Malware Hiding in Your Windows System32 Folder: More Rundll32 and LoL Security Defense Tips
When we left off last, I showed how it’s possible to run VBScript directly from mshta. I can play a similar trick with another LoL-ware binary, our old friend rundll32....