Logisek (@logisekict)'s Twitter Profile
Logisek

@logisekict

Stay one step ahead in the digital world with our professional Cyber security and IT Services

ID: 443134350

https://logisek.com

21-12-2011 21:14:25

304 Tweet

2,2K Followers

2 Following

Our #eShop is secure - no one's hacked it in years!

That's what the client confidently declared before our grey-box web application penetration test. Built on a popular, "secure" e-commerce platform, patched regularly, and untouched by hackers, why worry, right?

But assumptions

Abusing a Microsoft-signed library, #Advpack, for DLL Execution

By invoking its RegisterOCX export via rundll32.exe

💡 #Technique

The abuse leverages the following command to execute a DLL payload:

- rundll32.exe advpack.dll,RegisterOCX file.dll

This method requires only

We Audited #Azure #Entra #ID... and Found the Keys Under the Welcome Mat

During a recent #security #configuration #audit, something unusual stood out. An enterprise client with over 4.000 users in Azure Entra ID had a setup where Multi-Factor Authentication (MFA) was explicitly

In case you missed it 👉 Forbes Greece recently featured Logisek in a deep-dive article on offensive security and our uncompromising approach to cybersecurity.

🔍 In the interview, we explore:

- Why demand for offensive security is rising fast
- How our team brings deep

From Foothold to #Domain #Admin - In Under 4 Hours

What if an attacker didn’t need any malware or external tools - just what your infrastructure already allows?

That’s exactly the scenario we tested in this engagement with a financial institution. The client asked us to

When One Vendor Fails, Everyone Pays - A Cyber Lesson from the Supply Chain

Recent breaches in #Greece reminded us how cyber risk doesn’t respect boundaries.

The target wasn’t a bank or utility. But the impact? Widespread, affecting critical organizations and exposing sensitive

Abuse of ForFiles for Indirect #Command #Execution

Over 70% of endpoint alerts miss indirect execution paths. Here’s how ForFiles fits into that gap. ForFiles, a legitimate command-line tool designed for batch file processing and still an effective technique for attackers

How Secure Is an #Application?

80% of breaches exploit vulnerabilities in 'working' applications. Functionality doesn’t equal security.

Just because an application runs smoothly doesn’t mean it’s secure. A responsive UI, flawless workflows, and a seamless user experience

#Cybersecurity Isn’t Just #Digital - #Social #Engineering at Your Door

Over 60% of social engineering breaches start with a human interaction - and not all of them are online. Hackers don’t just hide behind screens. Sometimes, they’re standing at your front door.

When we think

🎣 When #FTP Becomes a Launcher

Your SIEM flagged PowerShell, but missed ftp.exe. Why indirect execution (T1202) quietly bypasses "block cmd" controls.

Ftp, normally for file transfers, also accepts scripted input and a shell escape. It can proxy execution of other commands

#Security Isn’t About Pulling the Plug

After 20 years in IT, one thing is clear: the digital world doesn’t stand still, and neither can your #defenses.

We began with software development and IT engineering, but our passion led us to offensive security. Over the years, we’ve

When Backwards Compatibility Becomes an #Attack #Vector

HTTP/1.1 is still everywhere. It works, it’s familiar, it's compatible. But there is a problem. It also leaves the door wide open to attacks modern protocols solved years ago.

And the most dangerous? The well-known request

How Secure Is Your #Chatbot?

LLMs are changing how we interact with data and how attackers exploit it. Chatbots powered by #LLMs may appear intelligent and helpful, but under the hood, they can expose sensitive logic, leak internal data, and serve as new entry points for

When #Lightbulbs Become Attack Paths

#IT networks are hardened with EDR, firewalls, and SIEMs. But in red team engagements, some of the easiest pivots come not from servers but from Internet of Things (#IoT) or Operational Technology (#OT) devices.

Smart doesn’t always mean

When the #Cloud Becomes the Attacker’s Playground

Ask most teams if they’ve "moved to the cloud", and they’ll nod proudly. Ask them if they’ve tested their cloud like an attacker would, and suddenly the room gets quiet.

---

👉 Common discoveries

- Public Storage Accounts

Is Your AI Just Another Attack Surface?

2025 has made it clear: Large Language Models aren’t a novelty anymore. They’re in customer service, DevOps copilots, legal assistants, even critical infrastructure workflows. And just like web apps in the 2000s, they now have their own

The Hardest #Threat to Detect Is Already #Inside

Most security strategies assume #attackers come from outside. But what if they don’t? What if it’s an employee, contractor, or partner already inside your network?

#Insider #threats are rarely about malicious masterminds. They’re

Your #Security Is Only as Strong as Your Weakest Vendor

Organizations spend millions hardening their environments with zero trust, segmentation, and EDR, only to be breached through a supplier or partner. #Attackers don’t care about your defenses if they can compromise someone

#Backups Don’t Equal Resilience

When leadership says, "we’re ready for #ransomware, we have backups", that’s when we know we need to dig deeper. Backups are only one layer of resilience, and attackers know they’re the first target.

---

What we often see:
- Backups stored

When #Vulnerabilities Pile Up - Finding the Real Value in #Security #Assessments

Every year, a familiar pattern emerges. An organization invests in #penetration #testing. The report comes back. Dozens, sometimes hundreds, of findings.

Fast forward 12 months... the same