BLOG

In today’s world of recruitment, things move at a fast pace. One of the most difficult parts of the hiring process, for both candidates and employers, is misalignment around speed and efficiency of the interview process. What are the important things to consider when structuring a hiring process? As a candidate how can you best […]

BloodHound, available at bloodhound.readthedocs.io, maps Windows Active Directory permissions to a graph database that lets users trace attack paths using a GUI and a query system. To make that more concrete, BloodHound can answer questions such as: Who is allowed to RDP to Computer132? Which computers does JohnSmith have admin access to? What are all the […]

The security game is complex, and it’s a hard one to play and get right. The unfortunate reality is that the good guys have to be right consistently, whereas the bad guys only have to be right once. A prime example of this complex game is Log4j. Chances are, you either have extensive knowledge of […]

Despite the ups and downs of this year, we were able to maintain our commitment to service. We continued our remote efforts, including donor drives, walkathons for Charity Miles, our Acts of Kindness Challenge, participating in Giving Tuesday, etc. However, we were truly thrilled for the opportunity to return to in-person volunteer events. Our team members facilitated and participated in in-person volunteer events on their own, and we were […]

Cybersecurity can be an endless game of cat and mouse, and attackers are constantly looking for ways into your organization. While major Internet and software providers, including the open source community, are constantly improving security technology, a notable area of risk remains human: phishing. According to the 2021 Verizon Data Breach Investigations Report, phishing has remained […]

“Give me six hours to chop down a tree, and I will spend the first four sharpening the axe.” – Abraham Lincoln As 2021 draws to a close and we prepare to welcome the new year, it is important to evaluate how your business and its needs have changed over the past year. Our reliance […]

Smartphones, tablets and other mobile devices have become ubiquitous in our society over the past few decades, leading to a world where many of us have one in our possession at all times.  The sheer technical capabilities of these devices are tremendous, and they have provided innumerable advancements in efficiency and accessibility for individuals and […]

Emails are sent from a source server to a destination server (sometimes through multiple hops) via the SMTP protocol. When you use a webmail client – think Gmail and Yahoo – to send an email, the web server sends emails to its bundled SMTP server and handles authentication for you. When you send an email […]

Ask any cybersecurity professional if using self-signed SSL certificates is acceptable, and they’ll probably say “not really.” Ask why, and we’ll say “we can’t always know who’s behind the screen,” even though we really want to say “Man-in-the-Middle attack.” Then we’d advise your server to utilize a certificate issued by a Certificate Authority trusted by […]

Ahh, the Network Operations Center. I have been working in a NOC in many compacities my entire career in IT. I have also had the chance to build one from the ground up, physically and operationally, including the continued facilities management. Most people in the industry have either worked in, around, with or are aware […]

In Carve’s internal engagement service line, we simulate an attacker on a corporate network, which is usually Windows-based. We use a variety of tools to gather information, but we were frustrated by reliability, performance and logging of tools dealing with scanning SMB shares, so we wrote a small Impacket-based tool as a replacement. The main […]

How many times have you heard “long lead time,” “out of stock,” or “backordered” in the past few months? Vendors and IT professionals alike have had to get creative to solve the ever present challenges during this time of extreme demand and very low inventory. Unless you’ve been living under a rock, you’ve heard about […]