In this week’s review Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPY Realtek SDK Vulnerability Exposes Routers InfoSec Handlers Diary Blog – SANS […]
Subscribe to the CyberThreatPOV Podcast
Episode 3: It’s a Trap! Avoid These 4 Common Pentesting Mistakes
This podcast is a discussion about 4 Common Pentesting Mistakes that we oursleves have made and have seen other pentesters make. Hopefully, the dialog around […]
8-12-22 Week in Review: BumbleBee Malware & High Profile Phishing Attacks
 In this week’s review BumbleBee Roasts Its Way to Domain Admin SMS & Voice Phishing Attacks https://www.twilio.com/blog/august-2022-social-engineering-attack https://blog.cloudflare.com/2022-07-sms-phishing-attacks/ https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html If you’re on the go, […]
Episode 2: How to Find Passwords on Network Shares Before Attackers Do
 Brad and Spencer discuss a common finding on internal penetration tests. If you’re on to go, listen here or on your favorite podcast app: […]
8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers
 In this week’s review Large-Scale AiTM Attack targeting enterprise users of Microsoft email services Deception at a scale Initial Access Brokers Are Key to […]
Episode 1: Takeaways from the 2022 Verizon Data Breach Investigations Report
This podcast is a discussion about the 2022 Verizon Data Breach Investigations Report and some of our key takeaways. From the Executive Summary of the […]
July 29th 2022 Week In Review: Intergalactic Planetary Phishing, ISOs & LNKs, Ransomware & Extortion
 In this week’s review: IPFS The New Hotbed of Phishing How Threat Actors Are Adapting to a Post-Macro World Palo Alto 2022 Incident Response […]
July 22nd 2022 CTP Week in Review: RIP Macros, Bad Luck BlackCat, Mr. Eagle
 In this week’s review: Microsoft resumes default blocking of Office macros after updating docs https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked A potentially dangerous macro has been blocked BlackCat ransomware […]
July 15th 2022 CTP Week in Review: Macros, Coin Miners, Rustomware, Cookie Phishing
 In this week’s review: Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporary The DFIR […]
July 8th 2022 CTP Week in Review: Office Macros – BRC4 – QNAPWorm – Leaky S3 Buckets – Prevention Over Response
 In this week’s review Microsoft Rolls Back Decision to Block Office Macros By Default 😢 Possible APT29/Ransomware Groups Use of Brute Ratel C4 When Pentest […]