A well-run cybersecurity team operates like a beautiful orchestra, each individual knowing their part and contributing to the same goal. A cybersecurity team may consist of team members wearing numerous hats ranging from management, to defensive, and offensive security. The offensive team members will attack their own organization to find vulnerabilities so the other teams […]
A Vulnerability Scan is NOT a Penetration Test. Unfortunately, when we perform third-party reviews or risk analyses, we often see that organizations get these two terms mixed. In this article, we are providing information about the differences so companies get the accurate services they need (and paid for) and they can achieve their compliance goals. […]
Weak passwords are often the cause of data breaches. Love or hate them, everyone is using passwords today. Ensuring individuals are using strong passwords in important to securing an organization. Whether you’re performing a penetration test or a password audit, tools can help you add value and efficiency for your report. At Stern Security, we […]
Without using any 3rd party tools, you can use simple Window commands to display the saved passwords for remembered wireless networks. This is helpful if you forget or during security engagements. Stern Security gained access to a laptop on a recent penetration test. We needed to gain access to a particular wireless network didn’t want to risk tripping […]
Pyoneer was created to assist with the search for sensitive information while on customer engagements. The tool has been used in different scenarios, not just for penetration testing, but that is where the tools development began. Pyoneer’s base script was written overnight while sitting in a hotel room on an engagement. The idea came while […]
Background How can an attacker capture usernames and passwords on a local network by simply waiting for the computers to willingly give them up? LLMNR and NBT-NS poisoning! Link-Local Multicast Name Resolution (LLMNR) and Netbios Name Service (NBT-NS) are two components of Microsoft Windows machines. LLLMNR was introduced in Windows Vista and is the successor […]