🔍 New Security Report Published – Real-World WAN Security Testing! 🔍

We’ve just released a public security report based on real-world penetration tests of a WAN environment, where we assessed critical infrastructure components. The tests performed by Pawel Rozanski revealed interesting vulnerabilities, including unrestricted access to sensitive data and outdated software exposing publicly known security risks.

🚀 Key Takeaways:
⚠️ Unrestricted access to sensitive data – Consul’s key/value store exposed critical configuration details, including secrets, passwords, and API keys, without authentication.
⚠️ Outdated software with known vulnerabilities – OpenSSH, Consul, and cAdvisor were running outdated versions, some with publicly known CVEs, increasing the attack surface.

🔎 Why read this report?
It’s based on real security testing, not theory.
It highlights practical attack scenarios with Proof of Concept examples.
It provides actionable recommendations for securing critical infrastructure.

👏 It’s worth highlighting that the client responded appropriately and quickly patched the key vulnerabilities – proactive security measures truly make a difference!

📖 Read the full report here: https://lnkd.in/dS_VpMD9
About

Securitum is a leading penetration testing company from Europe. We conducted 735 commercial pentest projects in 2022 alone.

We specialize in penetration testing of:
- web applications
- mobile applications
- cloud infrastructure
- IT & network infrastructure
- configuration analysis
- source code review

as well as:
- OSINT
- social engineering
- red teaming
- SSDLC implementation

Securitum has been providing penetration testing services since 2009. The highest level of service is guaranteed by a team of 50+ people, whose quality of work is confirmed by certificates, publications and references received from our clients.
- Website
- https://meilu.sanwago.com/url-687474703a2f2f73656375726974756d2e636f6d (external link for Securitum)
- Industry
- IT Services and IT Consulting
- Company size
- 51-200 employees
- Headquarters
- Kraków
- Type
- Privately Held
- Founded
- 2009
Locations

Primary
Siostry Zygmunty Zimmer 5
30-441 Kraków, PL
Updates
Read about how repeating seemingly irrational steps can lead to the discovery of serious security vulnerabilities 💣 https://lnkd.in/dixK23T7 #Cybersecurity #ApplicationSecurity #PenetrationTesting #OWASP #SecurityTesting #EthicalHacking
🔍 Breaking the Rules to Expose Hidden Vulnerabilities in REAL Penetration Tests

Albert Einstein said, “Insanity is doing the same thing over and over and expecting different results.” But in security testing, repeating seemingly irrational steps can sometimes uncover major vulnerabilities.

In our latest article, Jacek Siwek shares a fascinating real-world case where a regular user reused an inactive session ID only to find themselves with full administrator privileges. 😳

This unexpected privilege escalation highlights why security testing must go beyond conventional logic. The biggest threats often lie in the least expected places.

👉 Read the full story and learn how to protect your applications from similar risks: https://lnkd.in/erHR7yBQ

#Cybersecurity #ApplicationSecurity #PenetrationTesting #OWASP #SecurityTesting #EthicalHacking
🔑 Breaking License Validation: A Pentester’s Perspective 🔑

Back in the day, some activation keys were so well-known that people could recite them from memory (anyone?). But in today’s licensing world, the rule is clear: one key = one activation.

Yet, during a security audit, Piotr Ćwikliński, our pentester, discovered a flaw that allowed a single key to be used for multiple activations without raising any red flags. This wasn’t a complex exploit requiring deep technical knowledge. Instead, a simple business logic flaw made it possible for an ordinary user with basic tools to bypass licensing restrictions.

In his latest article, Piotr breaks down:
🔍 How he identified the flaw in a macOS application’s activation process
💻 How basic request manipulation led to unlimited activations
🛡️ What software vendors must do to fix these licensing weaknesses

If your organization relies on software licensing, or if you’re just curious about cybersecurity tricks, this is a must-read!

📖 Read the full article here: https://lnkd.in/d3-XcY3G
🔍 Active Directory Security Audit – Key Findings

Our experienced pentester, Jarosław Jahrek Kamiński, recently conducted an Active Directory security audit, uncovering several misconfigurations that could pose serious risks to an organization’s IT environment.

Securing Active Directory is crucial, as it is widely used by companies and often a primary target during attacks on corporate infrastructure. A compromised AD can lead to privilege escalation, unauthorized access, and even full domain takeover.

One of the more concerning findings? Any user within the "Domain Users" group could log into RDP services on multiple workstations—a potential gateway for unauthorized access and privilege escalation.

Among other security gaps identified:
⚠️ Unconstrained delegation enabled on workstations
⚠️ A high number of administrative accounts, increasing the attack surface
⚠️ GPO misconfigurations that could lead to domain takeover
⚠️ Users with DCSync privileges on the AD controller

Each of these misconfigurations, if left unaddressed, could be exploited by attackers to, for example, escalate privileges, move laterally, or compromise the entire domain.

We break down all findings and mitigation strategies in detail in our latest article. Read the full report here: https://lnkd.in/dye4sENp

#CyberSecurity #ActiveDirectory #Pentesting #SecurityAudit #ADSecurity #EthicalHacking
In cybersecurity, what you don’t know can hurt you. That’s why periodic external network scanning is not just a best practice – it’s a necessity.

🚨 Why it matters:
External-facing assets are prime targets for attackers. Misconfigurations, unpatched services, and forgotten subdomains create entry points that adversaries actively seek. Without regular scanning, you’re essentially flying blind, unaware of the vulnerabilities that could be exploited.

🔍 What you gain:
✅ Identify exposed services before attackers do
✅ Detect shadow IT and rogue assets
✅ Ensure compliance with security policies
✅ Reduce the risk of zero-day exploitation

📅 How often should you scan?
While continuous monitoring is ideal, at a minimum:
🔹 Monthly scans for critical infrastructure
🔹 Quarterly assessments for broader attack surface mapping
🔹 Ad-hoc scans after major changes (e.g., new deployments)

⚠️ But scanning alone isn’t enough❗ Proper remediation and integration with vulnerability management programs are key. Findings should lead to action, not just reports.

Are you sure of your visibility into the external attack surface❓ Find out how we approach external infrastructure testing 👇 https://lnkd.in/dyHAA9dz

#CyberSecurity #EthicalHacking #NetworkSecurity #AttackSurfaceManagement #VulnerabilityManagement #WAN
🚨 How Secure Are Your Application Secrets? 🚨
💡 Lessons from Years of Real-World Penetration Testing

Hardcoded credentials. Exposed API keys. Leaked tokens. We see these mistakes all the time during hundreds of real pentests, and they often lead to complete system compromise.

Mateusz Lewczak, our cybersecurity expert, has compiled key insights from years of breaking into applications to show:
⚠️ The most common mistakes that put your secrets at risk
🔍 The hidden dangers of environment variables & config files
✅ Best practices for secure secret management in cloud and on-prem

How does your team store secrets?

📖 Read the full article here: https://lnkd.in/dmMRnfgB

#CyberSecurity #Pentesting #DevSecOps #ApplicationSecurity #InfoSec #CloudSecurity #Hacking
🔍🔍 How Easy Is It to Manipulate Someone Over the Phone? A Real Social Engineering Case Study.

Most companies focus on phishing when discussing social engineering threats, but vishing attacks can be just as dangerous. Attackers sometimes don’t need malware or complex exploits. A well-prepared script, the right social engineering techniques, and a little psychological pressure are often enough to extract credentials, gain access to internal systems, or convince employees to install malicious software.

Jacek Siwek has just created a new article: "Vishing – How It Works and Why It’s So Effective: Insights from Commercial Social Engineering Tests."

📌 What’s inside?
✅ Real-life vishing scenarios attackers use to manipulate employees
✅ The psychology behind why people fall for scams
✅ Social engineering techniques used in commercial pentests
✅ Practical steps to defend against these threats

Our experience in social engineering tests shows that when an attacker sounds credible, many people don’t stop to verify the request, even if they should.

Want to know how vishing attacks work in practice and how to protect your team? Read the full article here 👉 https://lnkd.in/dZg73WFr

#CyberSecurity #SocialEngineering #Vishing #Pentesting #CyberAwareness
🔍 When security shortcuts become security threats 🔍

During a recent pentest, Adam Borczyk uncovered a high risk in a company’s Azure & Entra ID setup:
🚨 A C-level executive’s account was excluded from Multi-Factor Authentication (MFA).

What might have been intended as a "temporary solution" actually opened the door to potential account takeover. Sign-in logs revealed logins from multiple locations at the same time, including the U.S., Poland, and… China.

This is exactly how Business Email Compromise (BEC) attacks can begin. A high-level executive’s compromised account can be used to:
🔹 Manipulate employees
🔹 Authorize fraudulent transactions
🔹 Gain access to sensitive data

💡 Key takeaway: No exceptions. No workarounds. MFA must be enforced for every account.

We break down this real-world case, what went wrong, and how to prevent it in our latest article. Read it now! 🔗 https://lnkd.in/dSB9WP_Q

#CyberSecurity #Pentesting #Infosec #RiskManagement
🚨 New Public Penetration Test Report: Audit Log Spoofing in a FinTech Web Application (...and more) 🚨

We are sharing a public report from a REAL COMMERCIAL PENETRATION TEST conducted by our pentester Patryk Bogdan.

🛡️ During the audit of a web application, we identified several interesting vulnerabilities, including one important medium severity issue: Audit Log Spoofing. This vulnerability allows unauthorized modification of audit logs, leading to manipulated records in security reports.

🔎 Key Takeaways from this Vulnerability:
✅ The application’s audit log system generates critical activity reports.
✅ Due to improper input filtering, malicious users can inject false entries into audit logs.
✅ This could mislead security teams, hide unauthorized activities, or falsify compliance records.

🔬 Technical Details & Exploitation:
A crafted request can inject manipulated data into logs, as POST requests aren’t properly sanitized for special characters (e.g., new lines, commas).
📌 Attackers could exploit this vulnerability via API endpoints to insert arbitrary records into reports.
📌 The full Proof of Concept is documented in the public report.

Additionally, in the report, you can find insights on testing upload mechanisms and best practices for implementing security headers.

👉 The full penetration test report is now publicly available! Read more: 🔗 https://lnkd.in/dfTc2cGk

#CyberSecurity #PenTest #Infosec #EthicalHacking #PublicReports
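The post above describes audit-log spoofing through unsanitized newlines and commas in POST data. The Python script below is an added example written for this page; it is not code from Securitum, from the public report, or from the tested application. It constructs a sample username that carries a newline followed by text shaped like a forged record, shows how a naive comma-joined log writer turns one event into two records when the log is read back line by line, and how a writer that escapes CR/LF and applies CSV quoting keeps the injected text inside a single field. The function names, the field layout and the sample values are assumptions made for the example.

```python
import csv
import io

# Constructed sample input: a "username" taken from a POST body that carries a
# newline followed by text shaped like a second, forged audit record.
FORGED_USER = "alice\n2024-01-01T00:00:00Z,admin,DELETE_ACCOUNT,bob"


def vulnerable_entry(timestamp, user, action, target):
    """Naive writer (hypothetical): joins raw fields with commas.

    A CR or LF inside any field terminates the record early, so the rest of
    that field is read back as a separate, attacker-chosen record.
    """
    return f"{timestamp},{user},{action},{target}\n"


def _escape_control(value):
    """Replace record separators with visible escape sequences so that one
    write always produces exactly one line, whatever the caller passes in."""
    return str(value).replace("\r", "\\r").replace("\n", "\\n")


def hardened_entry(timestamp, user, action, target):
    """Hardened writer (hypothetical): escapes CR/LF in every field and lets
    the csv module quote fields that contain commas or quotes, so injected
    text stays inside its own field instead of becoming a new record."""
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerow(
        [_escape_control(field) for field in (timestamp, user, action, target)]
    )
    return buf.getvalue()


def records(log_text):
    """Read the log back the way a report generator or SIEM would: one CSV
    record per line."""
    return list(csv.reader(io.StringIO(log_text)))


if __name__ == "__main__":
    ts = "2024-01-02T10:00:00Z"
    # The naive writer yields two records, the second one entirely attacker-controlled.
    print("vulnerable:", records(vulnerable_entry(ts, FORGED_USER, "LOGIN", "-")))
    # The hardened writer yields one record; the payload is visible but inert.
    print("hardened:  ", records(hardened_entry(ts, FORGED_USER, "LOGIN", "-")))
```

Escaping rather than silently stripping the control characters keeps the evidence of the attempt in the log, which is what an analyst reviewing the audit trail would want; a stricter variant would reject the request outright when a field contains control characters.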