Blog

Securing Wireless Infrastructure - Part 1

Posted by James Kennedy on May 22, 2023

Featured

Intro The wireless security landscape has remained largely unchanged since the development of Wi-Fi Protected Access (WPA/WPA2) in the early 2000s. However, in recent years the Wi-Fi alliance has made significant efforts to address long standing issues within these standards. In this entry I will shed some light on common infrastructure configurations, their associated weaknesses, and practical attacks against...Continue reading 

Indicators of Poor Assessment Work

Posted by Jake Reynolds on October 08, 2022

In the 11+ years Depth has been in business we've had the opportunity to see some less than stellar work as far as assessment services go. Our clients often send us assessment reports they've received from other security firms. Sometimes they want us to check remediation status on a single item. Other times they aren't sure whether a given vulnerability is...Continue reading 

Spray 365: A New Twist on Office 365 Password Spraying

Posted by Mark Hedrick on December 10, 2021

Spray365 Demo

TL;DR The current state of password spraying Office 365 accounts could benefit from new approaches to bypassing Azure AD conditional access policies and other techniques that make it difficult to detect password spraying techniques. Built with Python 3 using Microsoft's Authentication Library (MSAL), Spray365 makes password spraying more effective by identifying insecure conditional access policies and allows for randomized password spraying...Continue reading 

Have Questions?
Get Answers