🇬🇧
100 Security Assessments in One Year! Looking back at 2025
In 2025, Assured completed 100 security assessments covering many different industries and technologies. Here are the numbers, and what records we’re aiming to break in 2026.
Disrupting the Dark Dystopia
I vår blogg delar vi med oss av vår kunskap via blogginlägg om nyheter och händelser samt beskrivningar av bästa praxis inom cybersäkerhet.
Senaste blogginläggen
🇬🇧
The Assured Satellite Hacking CTF Challenge at Security Fest 2025
Writeup of the Assured-sponsored CTF challenge at Security Fest 2025, exploring satellite signal hacking with RTL-SDR.
🇬🇧
The Single-Packet Shovel: Digging for Desync-Powered Request Tunnelling
In this paper I will reveal the discovery of wide-spread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and AWS' application load balancer including the creation of a novel detection technique that combined the recently popularized "Single-Packet Attack" with our ever-trusty HTTP desync techniques.
🇬🇧
Initial Access Threats to Entra ID/Azure AD
Common initial access attacks used to gain foothold in Microsoft cloud tenants.
Populära blogginlägg
🇬🇧
2023 Retrospective: IT Infrastructure and Active Directory Security
A 2023 retrospective by Assured Security Consultants on security assessments conducted, highlighting key IT infrastructure and Active Directory vulnerabilities, the impact of new regulations, and strategies for a more secure future.
🇬🇧
Zabbix Agent Security
Zabbix is a popular monitoriting tool used by many different organizations, which exposes file read and execute permissions and thus poses an interesting target for penetration testers and researchers.
🇬🇧
Google Cloud Platform (GCP) Security Best Practices
A walkthrough of a couple of Google Cloud Platform (GCP) features with security recommendations and advice on how to configure your GCP environments.