InGuardians Labs
A Fifth Vulnerability Found in Ivanti VPNs
Issue On Friday, February 9th, Ivanti disclosed[1] another vulnerability found in its Ivanti Connect Secure (formerly Pulse Secure) and Ivanti Policy Secure VPN products. Named CVE-2024-22024, this vulnerability permits a bad actor to access restricted product...
Be Curious – Tinker, Learn and Grow – Part 3
Be Curious – Tinker, Learn and Grow Author: Jon Studebaker, Senior Security Consultant Editor's Note: Part 1 of this three-part series discussed the pros and cons of some common learning approaches, information resources for infosec topics that may interest you, ways...
Be Curious, Tinker, Learn and Grow – Part 2
Be Curious – Tinker, Learn and Grow Jonathan Studebaker, Senior Security Consultant at InGuardians, Inc. Editor's Note: Part 1 of this three-part series discussed the pros and cons of some common learning approaches, information resources for infosec topics that may...
Be Curious – Tinker, Learn and Grow – Part 1
Jonathan Studebaker, Senior Security Consultant at InGuardians, Inc. Editor's Note: Part 1 of this three-part series discusses the pros and cons of some common learning approaches, information resources for infosec information security (infosec) topics that may...
NIST’s New Govern Pillar and Improving Supply Chain Security
What is it? In 2014, NIST released the Cybersecurity Framework (CSF) to establish a baseline of security standards intended to identify a core set of baseline measures that any business could measure itself against and implement....
Thou shall (not) pass! Behind the scenes of the InGuardians door-in-a-box systems
Do you know who’s wandering around your company offices tonight? Want to bet? The barrier to perform RFID attacks has been lowered significantly. Getting reliable RFID card cloning equipment, especially long-range equipment used to be expensive and hard. Now it is...
Attacking and Detecting Attacks on Kubernetes Clusters – RSA2023
Kubernetes continues to gain adoption. One sign of its rapid growth is that more than five million developers are using it. Many companies don't yet have the most hardened clusters, particularly those in the early phases of their use. This session will demonstrate...
Ethics and Social Engineering Exercises
Security professionals often find themselves tasked with performing different social engineering exercises. Whether overseeing these projects for our organization or executing them for another, many considerations go into every exercise. What is the goal? Who will be...
Layer8 Conference – Recon Done Right: Physical Edition
Zlata Pavlova & Rob CurtinSeufert – “Recon Done Right – Physical Edition” Have you ever walked through a swamp at 3 am? Have you driven around blocks trying to mark what cars are located in the parking lot? Have you sat in the reeds taking pictures of cameras and...
Wild West Hackin’ Fest – Why Does Kubernetes Make Me Feel Like a Newbie?
Slides from Jay Beale's Wild West Hackin' Fest presentation - Why Does Kubernetes Make Me feel Like a Newbie?