Introducing pyCobaltHound – Let Cobalt Strike unleash the Hound

Introduction During our engagements, red team operators often find themselves operating within complex Active Directory environments. The question then becomes finding the needle in the haystack that allows the red team to further escalate and/or reach their objectives. Luckily, the security community has already come up with ways to assist operators in answering these questions, …

Girls Day at NVISO Encourages Young Guests To Find Their Dream Job

NVISO employees in Frankfurt and Munich showcased their work in Cybersecurity to the girls with live hacking demos, a view behind the scenes of NVISO and hands-on tips for their personal online security. Participating in the Germany-wide "Girls Day", we further widened the field of future career choices for the young visitors and brought …

Cortex XSOAR Tips & Tricks – Execute Commands Using The API

This entry is part 6 of 9 in the series Cortex XSOAR Tips & Tricks

Introduction Every automated task in Cortex XSOAR relies on executing commands from integrations or automations either in a playbook or directly in the incident war room or playground. But what if you wanted to incorporate a command or automation from Cortex XSOAR into your own custom scripts? For that you can use the API. In …

Investigating an engineering workstation – Part 3

This entry is part 3 of 4 in the series Investigating an engineering workstation

In our third blog post (part one and two are referenced above) we will focus on information we can get from the projects themselves. You may remember from Part 1 that a project created with the TIA Portal is not a single file. So far we talked about files with the “.apXX” extension, like “.ap15_1” …

Analyzing a “multilayer” Maldoc: A Beginner’s Guide

In this blog post, we will not only analyze an interesting malicious document, but we will also demonstrate the steps required to get you up and running with the necessary analysis tools. There is also a howto video for this blog post. I was asked to help with the analysis of a PDF document containing …

Cortex XSOAR Tips & Tricks – Using The API In Automations

This entry is part 4 of 9 in the series Cortex XSOAR Tips & Tricks

Introduction When developing automations in Cortex XSOAR, you can use the Script Helper in the built-in Cortex XSOAR IDE to view all the scripts and commands available for automating tasks. When there is no script or command available for the specific task you want to automate, you can use the Cortex XSOAR API to automate …

Investigating an engineering workstation – Part 2

This entry is part 2 of 4 in the series Investigating an engineering workstation

In this second post we will focus on specific evidence written by the TIA Portal. As you might remember, in the first part we covered standard Windows-based artefacts regarding execution of the TIA Portal and usage of projects. The TIA Portal maintains a file called “Settings.xml” under the following path: C:\Users\$USERNAME\AppData\Roaming\Siemens\Portal V15_1\Settings\. Please remember we …

Vulnerability Management in a nutshell

Introduction Vulnerability Management plays an important role in an organization's line of defense. However, setting up a Vulnerability Management process can be very time consuming. This blogpost will briefly cover the core principles of Vulnerability Management and how it can help protect your organization against threats and adversaries looking to abuse weaknesses. What is Vulnerability …