In this week’s review Detecting SharpHound using Decoys UNC3524: Eye Spy on Your Email | Mandiant The New Initial Access Trend: ZIPs, ISOs & LNKs […]
Subscribe to the CyberThreatPOV Podcast
3 Easy Wins For Defenders From A Pentesters Point Of View
There’s no shortage of stories about how a bad actor was able to compromise a user’s computer, and within minutes, move laterally, achieve Domain Admin […]
Threat Intel Flash Briefing – Kerberos Relaying to Local SYSTEM
There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research […]
A Vulnerability Assessment is NOT a Penetration Test
Introduction Understanding the difference between a penetration test and a vulnerability assessment is critical to understanding security posture and managing risk. Vulnerability assessments and Penetration tests (pen test for […]