In this week’s review Rise of LNK (Shortcut files) Malware LockBit 3.0 Released Now With Bug Bounty Program CISA Says PwnKit Exploited in the Wild […]
Subscribe to the CyberThreatPOV Podcast
June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever
In this week’s review: New NTLM Relaying Attack via DFSCoerce Ransomware Potential for OneDrive & SharePoint Files Keeping PowerShell: Security Measures to Use and Embrace […]
June 17th 2022 CTP Week In Review: BlackCat – LockBit 2.0 – Saitama DNS Tunneling – Exposed Travis CI Logs
In this week’s review: The rise of BlackCat (ALPHV) ransomware Microsoft Analysis of BlackCat AdvIntel Analysis of BlackCat Ransomware Group Debuts Searchable Victim Data LockBit […]
June 10th 2022 CTP Week in Review: Dogwalk – Qakbot – Follina – ESXi Ransomware
In this week’s review: A DFIR Report with no Ransomware and no Cobalt Strike Path Traversal & MOTW Bypass – DIAGCAB Windows Zero-day aka “Dogwalk” […]
It’s a Trap! Avoid These 4 Common Pentesting Mistakes
Introduction Penetration testing and ethical hacking is awesome and it’s all a TON of fun. Well, most of the time, when you’re not troubleshooting for […]
June 3rd 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Microsoft Diagnostics Tool Remote Code Execution Zero Day New Windows Search zero-day added to Microsoft protocol nightmare Vendor Refuses to Remove […]
Threat Intel Flash Briefing – Microsoft Diagnostics Tool Remote Code Execution Vulnerability
There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets […]
May 27th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review PDF Malware Is Not Dead Yet Detecting & Preventing Rogue Azure Subscriptions Python and PHP Library Updated with ‘Extra’ Features by […]
May 20th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review Gootloader & Gootkit Analysis by DFIR Report and Red Canary Authenticated PetitPotam Lives On (CVE-2022-26925) The Hunter Becomes the Hunted: Evicting […]
May 13th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review Threat Actor using Windows Event Logs for “fileless” Malware CVE-2022-1388 – F5 BIG-IP PoC Released CVE-2021-22600 – Privilege Escalation Bug In […]