Breaking out of Windows Kiosks using only Microsoft Edge

Introduction In this blog post, I will take you through the steps that I performed to get code execution on a Windows kiosk host using ONLY Microsoft Edge. Now, I know that there are many resources out there for breaking out of kiosks and that in general it can be quite easy, but this technique … Continue reading Breaking out of Windows Kiosks using only Microsoft Edge

What ISO27002 has in store for 2022

In current times, security measures have become increasingly important for the continuity of our businesses, to guarantee the safety for our clients and to confirm our company’s reputation. While thinking of security, our minds will often jump to the ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards. Especially in Europe & Asia, these have been the leading … Continue reading What ISO27002 has in store for 2022

NVISO approved as APT Response Service Provider

NVISO is proud to announce that it has successfully qualified as an APT Response service provider and is now recommended on the website of the German Federal Office for Information Security (BSI).   Advanced Persistent Threats (APT) are typically described as attack campaigns in which highly skilled, often state-sponsored, intruders orchestrate targeted, long-term attacks. Due to their … Continue reading NVISO approved as APT Response Service Provider

Introducing pyCobaltHound – Let Cobalt Strike unleash the Hound

Introduction During our engagements, red team operators often find themselves operating within complex Active Directory environments. The question then becomes finding the needle in the haystack that allows the red team to further escalate and/or reach their objectives. Luckily, the security community has already come up with ways to assist operators in answering these questions, … Continue reading Introducing pyCobaltHound – Let Cobalt Strike unleash the Hound

Girls Day at NVISO Encourages Young Guests To Find Their Dream Job

NVISO employees in Frankfurt and Munich showcased their work in Cybersecurity to the girls with live hacking demos, a view behind the scenes of NVISO and hands-on tips for their personal online security. Participating in the Germany- Wide "Girls Day", we further widened the field of future career choices for the young visitors and brought … Continue reading Girls Day at NVISO Encourages Young Guests To Find Their Dream Job

Cortex XSOAR Tips & Tricks – Execute Commands Using The API

Introduction Every automated task in Cortex XSOAR relies on executing commands from integrations or automations either in a playbook or directly in the incident war room or playground. But what if you wanted to incorporate a command or automation from Cortex XSOAR into your own custom scripts? For that you can use the API. In … Continue reading Cortex XSOAR Tips & Tricks – Execute Commands Using The API

Investigating an engineering workstation – Part 3

In our third blog post (part one and two are referenced above) we will focus on information we can get from the projects itself. You may remember from Part 1 that a project created with the TIA Portal is not a single file. So far we talked about files with the “.apXX” extension, like “.ap15_1” … Continue reading Investigating an engineering workstation – Part 3

Analyzing a “multilayer” Maldoc: A Beginner’s Guide

In this blog post, we will not only analyze an interesting malicious document, but we will also demonstrate the steps required to get you up and running with the necessary analysis tools. There is also a howto video for this blog post. I was asked to help with the analysis of a PDF document containing … Continue reading Analyzing a “multilayer” Maldoc: A Beginner’s Guide