SCCM Exploitation: Compromising Network Access Accounts
May 2, 2024 Authors: Marshall Price and Connor Dowling TL;DR: SCCM Network Access Accounts (NAA) are frequently used despite being associated with several attack primitives.
Archive
SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery
March 28, 2024 Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account and SCCM machine account.
Unlocking the full potential of Breach and Attack Simulation
May 30, 2023 Today’s continuously evolving cybersecurity landscape runs security teams thin and can keep organizational leaders up at night.
Penetration Testing – What’s New in the PCI DSS v4.0
October 6, 2022 Penetration testing (pen testing) remains largely the same in PCI version 4.0 as it was intended in PCI version 3.2.1, but the explanation of the intent is clarified.