Although the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that bears discussion and plays heavily into a broader conversation around proper security controls at the edge of the network. For those that might have been living under a rock for the last few months, let’s recap what the ConnectWise ScreenConnect flaw was.

There is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source Tools related to red-teaming. The debate, well really it has devolved into an argument, is very complex, nuanced, and (in full honesty) has multiple contexts that can be applied to it. However, it has become exceptionally binary. We now have the “Pro” side and the “Anti” side… The fact that this is where the line in the sand is being drawn is, well it is almost ignorant.

In what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled with much celebration on X (Twitter) LinkedIn, Facebook and elsewhere. The memes flowed freely and even the usual naysayers could not dampen the enthusiasm over this significant event. Especially since it all appears to have been due to an unpatched vulnerability in PHP 8.x.

Black Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching out and touching the bad guys. However, due to many laws that is not really a possibility (legally you cannot go past the first hop of an attack). So, what does Offensive Security really mean? We had a chat with the NetSPI team during Black Hat to find out their thoughts on this.