 In this week’s review: Microsoft resumes default blocking of Office macros after updating docs https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked A potentially dangerous macro has been blocked BlackCat ransomware […]
Subscribe to the CyberThreatPOV Podcast
July 15th 2022 CTP Week in Review: Macros, Coin Miners, Rustomware, Cookie Phishing
 In this week’s review: Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporary The DFIR […]
July 8th 2022 CTP Week in Review: Office Macros – BRC4 – QNAPWorm – Leaky S3 Buckets – Prevention Over Response
 In this week’s review Microsoft Rolls Back Decision to Block Office Macros By Default 😢 Possible APT29/Ransomware Groups Use of Brute Ratel C4 When Pentest […]
July 1st 2022 CTP Week in Review: LNK Malware – LockBit 3.0 Bug Bounty – PwnKit Exploitation In The Wild
In this week’s review Rise of LNK (Shortcut files) Malware LockBit 3.0 Released Now With Bug Bounty Program CISA Says PwnKit Exploited in the Wild […]
June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever
In this week’s review: New NTLM Relaying Attack via DFSCoerce Ransomware Potential for OneDrive & SharePoint Files Keeping PowerShell: Security Measures to Use and Embrace […]
June 17th 2022 CTP Week In Review: BlackCat – LockBit 2.0 – Saitama DNS Tunneling – Exposed Travis CI Logs
In this week’s review: The rise of BlackCat (ALPHV) ransomware Microsoft Analysis of BlackCat AdvIntel Analysis of BlackCat Ransomware Group Debuts Searchable Victim Data LockBit […]
June 10th 2022 CTP Week in Review: Dogwalk – Qakbot – Follina – ESXi Ransomware
In this week’s review: A DFIR Report with no Ransomware and no Cobalt Strike Path Traversal & MOTW Bypass – DIAGCAB Windows Zero-day aka “Dogwalk” […]
June 3rd 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Microsoft Diagnostics Tool Remote Code Execution Zero Day New Windows Search zero-day added to Microsoft protocol nightmare Vendor Refuses to Remove […]
Threat Intel Flash Briefing – Microsoft Diagnostics Tool Remote Code Execution Vulnerability
There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets […]
May 27th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review PDF Malware Is Not Dead Yet Detecting & Preventing Rogue Azure Subscriptions Python and PHP Library Updated with ‘Extra’ Features by […]