Nov 7, 2019 | Auditing, Endpoint Security, Enterprise Security, OSINT, Pentesting, Training
Low-Hanging Fruit Series: Permissions At VDA Labs we work with a variety of companies both large and small. During our engagements, we see many of the same reoccurring issues that allow us access to systems. To help combat these threats VDA is starting a blog series... 
Oct 31, 2019 | Enterprise Security, Pentesting, Phishing, Security, Social Engineering, Training
Low-Hanging Fruit Series: Multi-factor Authentication (MFA) At VDA Labs we work with a variety of companies both large and small. During our engagements, we see many of the same reoccurring issues that allow us access to systems. To help combat these threats VDA Labs... 
Oct 1, 2019 | Pentesting, Phishing, Social Engineering, Training
Phishing Users using Evilginx and Bypassing 2FA Phishing is one of the largest ways that organizations are being compromised in 2019. The common recommendation is that all users should have two factor authentication (2FA) enabled on their accounts to help combat the... 
Sep 25, 2019 | Enterprise Security, Exploit Development, Pentesting, Vulnerabilities
Objective In an effort to help make us all more secure, VDA decided to release a pentest technique, that we discovered a while ago. We notified Microsoft many months ago of this technique, and they have been a great partner as always, in quickly working to mitigate... 
May 6, 2019 | Business, Pentesting, Privacy, Security
VDA Labs’ founder Dr. Jared DeMott as well as Greg Hatcher and Sy VanderMeulen were recently interviewed by WWMT to discuss WIFI security and the risks of using open wireless networks. Many people assume there are no risks in utilizing public wireless networks,... 
Apr 9, 2019 | Pentesting, Security
At VDA Labs we are constantly improving our tradecraft. One of the ways we do this is by leveraging, testing, and building tools. And when there are existing toolsets that make our jobs easier, we explore and share. Why is docker cool? When we use a tool, especially... 