Old But New

An unquoted Environment Variable path in a Scheduled Task that runs as system Unquoted paths are abused frequently on engagements. Normally an attacker would see an unquoted service path, not an unquoted schedule task path. What makes this unique is that it is an environment variable that has a space in it that allows for an attacker to abuse it. The key is, if the path is unquoted then Windows sees the space character in the path as a delimiter and will then search for program.exe instead of knowing to go to C:\Program Files\. I was surprised that an up to date Windows 10 machine would still have a vulnerability like this. The scheduled task shell-usoscan is present when Windows 10 repo

SIXGEN Dominates in DEF CON 27 IoT Village Capture the Flag Challenge

DEF CON is the largest hacking convention in the world. It takes place annually in Las Vegas, Nevada, and attracts everyone from the novice to hacktivist groups. Even nation-states attend the convention, seeking access to an assortment of both wonderful and dangerous information that is shared amongst the highly skilled attendants. The event, now in its 27th year, draws over 30,000 people to the various product showcases, presentations, talks, and security competitions. With so many technologists in a small space, attendees can find unique and unusual devices abound. From robotic bartenders to iPhone chargers that can hack your computer, the products displayed at DEF CON are as diverse as th


We are here to help you meet your cybersecurity needs.

  E | 

  F | 

  P | 

  A | 

MD Licensed
Private Investigator


NAICS Codes:
541990 | 512110 | 519190 |541330 | 541340 | 541511 | 541512 | 541513 | 541519 | 541611 | 541712 | 611420 | 611699 | 541715 | 611430