In today's digital landscape, Remote Management and Monitoring (RMM) tools have become indispensable for organizations seeking to streamline IT operations, enhance productivity, and ensure seamless remote support. However, within our threat hunting and incident response engagements we often see that these tools, while beneficial, can also pose significant security risks if not properly managed. This … Continue reading Hunting for Remote Management Tools
Category: Application Whitelisting
Malware-based attacks on ATMs – A summary
Introduction Today we will take a first look at malware-based attacks on ATMs in general, while future articles will go into more detail on the individual subtopics. ATMs have been robbed by criminal gangs around the world for decades. A successful approach for ~20 years has been the use of highly flammable gas, which is … Continue reading Malware-based attacks on ATMs – A summary
Breaking out of Windows Kiosks using only Microsoft Edge
Introduction In this blog post, I will take you through the steps that I performed to get code execution on a Windows kiosk host using ONLY Microsoft Edge. Now, I know that there are many resources out there for breaking out of kiosks and that in general it can be quite easy, but this technique … Continue reading Breaking out of Windows Kiosks using only Microsoft Edge
Mitigation strategies against cyber threats
So it's been a good 2 months since we have been in business! We thought we'd take some time to reflect on these two months, in which we've seen quite some interesting security news, including the well-known Mandiant report on APT1 and the widespread Java chaos. Last week, ENISA published a "Flash Note" on Cyber … Continue reading Mitigation strategies against cyber threats


