Want a seat at the table? Whether you're a CISO or just starting out, stop speaking in purely technical metrics.
Start using the language of risk (With Celina Stewart)
@neuvik.bsky.social
Think one annual report is enough to scare off the monsters?
Think again!
Cyber/AI risks are continuous, and your defenses should be too. Continuous risk assessments keep the real threats at bay.
Ready for continuous defense? Learn more: https://neuvik.com/our-services/advanced-assessments/
"Who's managing your AI risk?"
If questions about AI governance, councils, policies, or metrics stress you out, you need a clear plan.
Our AI Governance & Program Development services build the framework to manage and measure AI risk
Ready to get started? Contact us: https://tinyurl.com/4cfcpem4
You need to know if you can find the adversary dwelling in your environment for eight days. Here are three reasons you need a security assessment right now:
1. Reduce Dwell Time
2. Validate Defensive Tools
3. Address Rapid Changes
Learn more about how we can help you here: https://tinyurl.com/yfajh9s2
The moment when you realize you have to stop playing defense and start talking business.
28.10.2025 15:02
AI vs. Traditional Security: Predictability is the key.
Traditional systems are deterministic (predictable results). LLMs are non-deterministic (unpredictable output from the same input).
Standard pentesting fails here.
Want to learn why?
Read more here: https://tinyurl.com/ys6khabn
Too many companies are failing the same security tests, over and over again.
At Neuvik, we specialize in offensive security and risk assessments, drawing from years of pentests and red team operations!
Ready to stop repeating the same findings?
Learn more: https://neuvik.com/our-services/
"We know Cyber & AI Risk Management."
Is your IT department feeling like Spongebob?
Don't let the complexity bury your team. We provide the expertise and clarity to turn this chaos into a manageable strategy.
Contact us today to learn how we simplify Cyber & AI Risk Management.
Securing AI? Start by understanding risk.
It's more than tech flaws; it's business impact!
You need to learn:
1. Data Governance
2. Strict Oversight
3. Foundational Security
Ready to manage AI risk?
Read the full article!
https://tinyurl.com/57x79xfh
Hackers weaponized emojis!
The Emoji Jailbreak exploits LLM tokenization. Emojis force dangerous words (like "B💣mb") to split into "safe" pieces, bypassing security filters, allowing the LLM to generate content it was explicitly supposed to refuse.
How robust are your LLM defenses? Contact us!
Tomorrow. Don't miss this.
Join Moses Frost, Senior Consultant at Neuvik and author of SANS: SEC588, for a deep dive into AI, emergent risks, and the techniques involved in defending against them.
Sign up for free here: https://tinyurl.com/urdj2m87
Neuvik is a 2025 NVTC Cyber50 Honoree!
We're recognized for driving innovation and resilience, helping define the National Capital Region as the cyber excellence epicenter.
Thanks, NVTC!
Read the full press release here: https://tinyurl.com/CYBERHONOREE
Cloud storage leaking data? Insecure by default settings (like public S3 buckets & open ports) are huge risks!
Attackers use these common entry points. Learn how to lock down:
Public Access
Over-Permissive Roles
Open Ports
Read this to secure your cloud now!
https://tinyurl.com/leakedcloud
Learning how red teams are owning the cloud.
This in-depth discussion shows how elite attackers bypass MFA, exploit identity misconfigs, and extract credentials without touching endpoints.
Watch now if you're serious about cloud security offense
The moral of the story? Cloud breaches aren't loud. They're quiet, credentialed, and API-driven.
17.10.2025 14:31
10. Pivoting via Azure AD Federation
Even in Okta or Google-managed orgs, Azure AD often still handles device joins or Graph access. Red Teams exploit this bridge using token replay or device joins to escalate across trust boundaries. Used in hybrid assessments to bridge environments.
9. Region-Specific Attack Planning
Cloud footprint varies by region:
US startups = full cloud
EU enterprises = hybrid/on-prem
Red Teams tailor initial access and post-ex strategies depending on infra maturity and identity structure.
8. Tool-Aided Enumeration with Manual Review
Tools like ScoutSuite, CloudFox, and TokenTactics are used early in engagements. These tools surface misconfigs and identity gaps. Used to build initial situational awareness.
7. Token Analysis for Recon and Priv Esc
JWTs issued by Azure or AWS contain critical claims (scp, azp, upn). Red Teams can decode tokens using jwt.ms to map what the token can access. We use this to find overly-permissive scopes and escalate privileges.
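An added example, not part of the original posts: a defender-side review of the claims named above (scp, azp, upn) that decodes a token's payload locally and flags scopes found on a watch list. The sample token, its values and the BROAD_SCOPES list are constructed for illustration; the payload is decoded without verifying the signature, so the result is for review only and never for an authorization decision.

```python
import base64
import json

# Assumption: scopes this illustration treats as broader than most apps need.
BROAD_SCOPES = {"Mail.ReadWrite", "Files.ReadWrite.All", "Directory.ReadWrite.All"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT. The signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated segments")
    claims = json.loads(_b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def review_token(token: str) -> dict:
    """Summarise who the token is for, which client holds it, and what it allows."""
    claims = decode_claims(token)
    scopes = str(claims.get("scp", "")).split()  # scp is a space-separated string
    return {
        "upn": claims.get("upn"),
        "azp": claims.get("azp"),
        "scopes": scopes,
        "broad": sorted(s for s in scopes if s in BROAD_SCOPES),
    }


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"alg": "none", "typ": "JWT"})
    return f"{header}.{enc(claims)}.constructed"


SAMPLE = make_sample_token({
    "upn": "alice@example.com",
    "azp": "00000000-0000-0000-0000-000000000000",
    "scp": "User.Read Mail.ReadWrite Files.ReadWrite.All",
})
```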
6. Microsoft Graph as a Post-Exploitation Toolkit
After access is granted, red teamers use Graph to:
Search inboxes for creds
Download attachments
List files from OneDrive
Read calendar entries
It's quiet, credentialed access and perfect for stealthy data exfil.
5. App Consent Phishing to Evade MFA
Rather than steal passwords, attackers trick users into authorizing a malicious Azure app.
Once approved, the app gets delegated Graph API access (including emails, files, and calendars).
Used in phishing engagements to simulate real-world cloud takeovers.
4. Identity Confusion Exploits in Apps
Red teams look for apps that rely on mutable claims (like email) instead of immutable identifiers (UPN).
We can then modify lowercase/uppercase in OAuth claims to impersonate users and gain access with no credentials.
3. Refresh Token Hijacking for Persistent Access
Attackers phish or extract refresh tokens from memory or browser storage. Once stolen, they reuse them for days or weeks, bypassing MFA.
We use this to stay embedded in your environment without raising red flags.
2. Dropping Legacy Recon, Embracing API-Based Attacks
On-prem recon uses Nmap. In cloud, we query APIs like AWS CLI or Azure Graph, enumerating services, IAM roles, storage buckets via credentialed API calls, not noisy scans.
1. Control Plane Access = Full Cloud Compromise
Red Teams target cloud consoles (e.g., AWS, Azure) to snapshot disks, bypass EDR, and dump credentials offline.
Example: Extracting VMDKs and analyzing LSASS memory with WinDbg.
We do this when endpoint defenses are too hardened for direct access.
Forget firewalls. Red Teamers target tokens, APIs, and identities.
10 techniques we use to break into cloud environments
The rise of "Shadow AI" is creating major blind spots for security and compliance teams.
Our AI Asset Inventory service solves this problem.
Learn more: https://neuvik.com/our-services/cyber-risk-management/
Cloud misconfigurations are still one of the top causes of breaches.
At Neuvik, we help you find those mistakes before they're exploited:
Don't wait for attackers to find the gaps. Partner with Neuvik to harden your cloud security.
Learn more: https://neuvik.com/our-services/advanced-assessments
Understanding control vs. data plane is foundational in cloud pentesting. It's how offensive teams turn a single console foothold into full data compromise. Master this and you'll see how attackers really pivot in your cloud.
14.10.2025 14:06
Real-world abuse scenario
Attackers with control plane access snapshot storage volumes, extract them offline, and dump LSASS. This sidesteps EDRs, since everything happens outside the monitored runtime.