[email protected]      0333 939 8080

Jumpsec Labs
Jumpsec Labs

JUMPSEC LABS

The JUMPSEC Lab is a place where the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts!  We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.

Ranking MFA Methods – From Least to Most Secure

by Sara Cardoso | Feb 27, 2025 |

My Perspective on MFA Security In an era of relentless cyber threats, multi-factor authentication (MFA) has become a cornerstone of modern security practices, adding an extra layer of protection beyond traditional passwords. It’s a widely used defence that strengthens account security and helps prevent unauthorised access. But while MFA is a crucial security measure, it’s not a silver bullet. Cybercriminals are constantly adapting, finding new ways to bypass or manipulate different authentication methods. Whether it’s phishing, machine-in-the-middle attacks, MFA fatigue, or social engineering, no authentication mechanism is completely immune. In this blog post, I’ll explore the various methods used to protect user credentials and rank the most common MFA mechanisms based on how vulnerable they are to the types of attacks we’re seeing in today’s threat landscape. Multi-Factor...

read more
BCP, as easy as ABC?

BCP, as easy as ABC?

A Business Continuity Plan (BCP) is a strategic playbook created to help an organisation maintain or quickly resume business functions in the face of disruption. (Pratt, Tittel,...

read more

Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware

by Max Corbridge | Jun 21, 2023 | , , , ,

TL;DR Max Corbridge (@CorbridgeMax) and Tom Ellson (@tde_sec) of JUMPSEC’s Red Team recently discovered a vulnerability in the latest version of Microsoft Teams which allows for the possible introduction of malware into any organisations using Microsoft Teams in its default configuration. This is done by bypassing client-side security controls which prevent external tenants from sending files...

read more

Hunting the Snake: An Overview of Threat Hunting with Velociraptor

by Francesco Iulio | Jun 19, 2023 |

In May 2023 the NCSC and CISA released a joint cyber security advisory addressing a piece of Russian malware called Snake. According to them, this malware has been gathering intelligence for the FSB in more than 50 countries for the last 20 years. Off the back of this advisory JUMPSEC decided to perform a number of threat hunts to provide assurance for some of our clients. Whilst conducting...

read more

Ligolo: Quality of Life on Red Team Engagements

by Francesco Iulio | Jun 9, 2023 | ,

In recent months we, JUMPSEC’s red team, have been using a nifty little tool that we would like to share with you in this blog post. Ligolo-ng is a versatile tool that has been aiding our covert, and slightly-less-covert, engagements with regards to tunnelling, exfiltration, persistence, and widely improving the operators’ “quality of life” when carrying out assessments involving beaconing from...

read more

Hunting for ‘Snake’

by Francesco Iulio | May 26, 2023 | ,

Following the NCSC and CISA’s detailed joint advisory on the highly sophisticated ‘Snake’ cyber espionage tool, JUMPSEC threat intelligence analysts have provided a condensed blueprint for organisations to start proactively hunting for Snake within their network, contextualising key Indicators of Compromise (IoC), and providing additional methods to validate the effectiveness of Snake...

read more

Advisory CVE-2023-30382 – Half-Life Local Privilege Escalation

by Ryan Saridar | May 23, 2023 | ,

Software: Half-Life Affected versions: Latest (<= build 5433873), at the time of writing Vendor page: www.valvesoftware.com CVE Reference: CVE-2023-30382 Published: 23/05/2023 CVSS 3.1 Score: 8.2 AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H Attack Vector: Local Credit: Ryan Saridar Summary An attacker can leverage a stack-based buffer overflow via Half-Life’s command line arguments to compromise the...

read more

Advisory CVE-2022-37832 – Mutiny Network Monitoring Appliance hardcoded credentials

by Ryan Saridar | Dec 15, 2022 | ,

Software: Mutiny Network Monitoring Appliance Affected versions: <= 7.2.0-10855 Vendor page: www.mutiny.com CVE Reference: CVE-2022-37832 Published: 16/12/2022 CVSS 3.1 Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Attack Vector: Network Credit: Ryan Saridar Summary An attacker can log in as root remotely to the appliance via SSH. Mitigation Upgrade to version 7.2.0-10855 onwards to...

read more

GitHub Activity

@JumpsecLabs JumpsecLabs forked JumpsecLabs/AiTM-IoCs-Update from tdejmp/AiTM-IoCs-Update · April 1, 2025 12:45
tdejmp/AiTM-IoCs-Update

This Repo Contains IoCs for a recently tracked phishing kit

Updated Apr 1

 

Twitter

·
@
View on Twitter

Latest from JUMPSEC

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton
W3 0RG

To learn more about JUMPSEC's services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

To learn more about JUMPSEC'S services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton, W3 0RG

© JUMPSEC 2020 | Privacy Policy
JUMPSEC Ltd. is a company registered in England and Wales. Registered Address: 1 Golden Court, Richmond, Surrey, TW9 1EU. Registration Number: 08327063