Blog

Written by Neuvik co-founder Tillery with Ryan Leirvik, CEO and founder of Neuvik. Introduction In a perfect world, we don’t need penetration testing. In a perfect world, we don’t need red team operations. In a perfect world, technology is perfect from design to release, and the only things left to find in production have no […]

Written By Rick Alfaro, Neuvik Advanced Assessments Consultant Intro On a recent engagement, we were performing a web application assessment for a client. They had recently implemented AWS Cognito as their user directory and wanted to kick the tires a bit. I took on this task from the point of view of someone who had […]

New Technology as a Source of Fraud and Risk   How do you initially react to each newly introduced advancement in technology?   As engineers and problem solvers, we typically think of advancements optimistically. We see them as exciting opportunities to help push forward improvements — because technology should make things better for people, whether […]

In this technical case study, Neuvik’s Director of Advanced Assessments in Europe, Jean Maes, and MD of Advanced Assessments, Dave Mayer, showcase an edge case privilege escalation (privesc) methodology that enabled successful privilege escalation during a recent penetration test for a client. By sharing this step-by-step methodology and its implications, we hope that fellow offensive […]

This blogpost embarks on the initial stages of kernel exploitation. The content serves as an introduction, leading to an imminent and comprehensive whitepaper centered around this subject matter. Through this, a foundation is laid for understanding how kernel drivers are developed, as well as basic understanding around key concepts that will be instrumental to comprehending […]

Third Party Risk Management (TPRM) is an essential component of any organizational cybersecurity risk management program. This is because TPRM programs help identify and mitigate risks to your organization introduced by external parties, ultimately trying to achieve the reduction of cyber risk provided by third parties. Running an effective TPRM program is a large undertaking […]

In this month’s blog series, we’ve moved “backwards through time” using a 2017 T-Mobile case study to illustrate what can be learned from three roles discovering a vulnerability in an operational system at varying points in the development cycle.   Our previous two installments discussed what lessons can be learned from a red teamer’s discovery of that vulnerability, followed […]

In our March 2nd blog, we discuss what can be learned from a red teamer when finding a vulnerability in an operational system. Red teamers are expected to find imperfections in systems and configurations, as their role is inherently vulnerability-discovery based.   But this is not always true for quality assurance (QA) testers as part of the […]

Enabling excessive permissions in Cloud infrastructure can easily lead to unauthorized access, but regularly auditing AWS permissions can make that harder for attackers.   In Neuvik’s previous blog, we highlighted a typical policy misconfiguration of enabling excessive permissions and access management. Although this is hard to program, scale, and observe (which is why this flaw is […]

Almost every organization has perforations in their deployed technology.   Identifying and understanding where those perforations can lead to brazen vulnerabilities is essential in understanding the organization’s cybersecurity risk. The challenge that most organizations face is missing an opportunity to use multiple perspectives to inform risks across a system’s lifecycle.   Our goal with this […]

Incident response is a crucial capability for every organization; it’s the one time that organizations can mitigate risk as it’s happening. Some organizations spend significant time understanding their incident response process and fine-tuning response playbooks. This means in the event of an event, or an incident, they are either prepared for something happening that is known […]

In cloud-based deployments, users and services are associated with roles. These roles become the way of governing identity and access. A common tendency in many organizations is to overlook these permissions — providing an opportunity for attackers to exploit them once discovered.   One solution: audit the roles, regularly.   What are over-permissioned roles and […]

With our Neuvik Editorial Insights series, we highlight the expertise of our team and showcase their individual thoughts on the cybersecurity industry today.   Introduction Product security is hard to tackle, especially for established organizations that are just starting to integrate security elements into their existing development practices, otherwise known as “secure by design” or […]

Here, we are providing an open-sourced checklist to help guide an organization through the March 22, 2022 Okta event, from a Red Teamer’s point-of-view: https://github.com/neuvikredteam/PurpleTeam-Checklists/blob/main/IdP-Breach-Checklist.md This week, there was a confirmed, report that Okta was breached by the Lapsus$ hacking group. As far as we know, the group is not believed to be a state-sponsored actor. Organizations, […]