Latest Articles
Adventures and Accidental Honeypots in Network Infrastructure: Unravelling Internet Shenanigans
welcome Hello World! So, I’ve been tinkering with network stuff lately, trying to set up some infrastructure.Turns out that in the process, I made a rookie mistake and left a few ports open to the internet! A few months down the line I took a look and to no one’s surprise my server had been bombarded with all sorts of requests. It was receiving a steady stream of traffic, but not the good kind…think of it more as a steady dose of “internet radiation”. Without realising it I had accidentally turned my server into a honeypot.
May 16, 2024,jstester007
Poisoning Pipelines: Azure DevOps Edition
pipelinebursting2 Introduction In the ever-evolving realm of cloud services, organisations are ditching the headaches of physical infrastructure management and diving headfirst into the possibilities of cloud platforms. From the humble beginnings of deploying virtual machines and servers, we now find ourselves in a dynamic space with everything from serverless architectures to cloud-based active directories, seamless SaaS integrations, architectural blueprints, collaboration tools, AI assistants, and more.
May 9, 2024,francescoiulio
Why sneak when you can walk through the front door - A Love letter to Password Spraying against M365 in Red Team Engagements
In 2023 through 2024, JUMPSEC’s red team gained access to Microsft 365 (M365) environments of sophisticated clients during adversarial engagements with an approach that breathes life into the decades-old technique of password spraying. With threat actors increasingly using similar approaches in the wild, being able to compromise the even likes of Microsoft themselves, it is my opinion that red teams might benefit from incorporating some of these techniques into their initial access arsenal, or even in external perimeter security testing, to better emulate adversaries and challenge assumptions around intial access.
May 2, 2024,sunnychau