We’re Just Like the NSA, and Nothing Like Them
During penetration tests, and especially scoping calls, we often get quizzed about what secret, proprietary techniques we’ll use to gain access to privileged resources. Most folks assume they’re doing “good enough” or at least meeting “industry best practices” so only the latest, unknown attacks will be successful. The notorious ZeroDay always seems to take the …