In this week’s review: Microsoft Rolls Back Decision to Block Office Macros By Default 😢; Possible APT29/Ransomware Groups Use of Brute Ratel C4; When Pentest […]
July 1st 2022 CTP Week in Review: LNK Malware – LockBit 3.0 Bug Bounty – PwnKit Exploitation In The Wild
In this week’s review: Rise of LNK (Shortcut files) Malware; LockBit 3.0 Released Now With Bug Bounty Program; CISA Says PwnKit Exploited in the Wild […]
June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever
In this week’s review: New NTLM Relaying Attack via DFSCoerce; Ransomware Potential for OneDrive & SharePoint Files; Keeping PowerShell: Security Measures to Use and Embrace […]
June 17th 2022 CTP Week In Review: BlackCat – LockBit 2.0 – Saitama DNS Tunneling – Exposed Travis CI Logs
In this week’s review: The rise of BlackCat (ALPHV) ransomware; Microsoft Analysis of BlackCat; AdvIntel Analysis of BlackCat; Ransomware Group Debuts Searchable Victim Data; LockBit […]
June 10th 2022 CTP Week in Review: Dogwalk – Qakbot – Follina – ESXi Ransomware
In this week’s review: A DFIR Report with no Ransomware and no Cobalt Strike; Path Traversal & MOTW Bypass – DIAGCAB Windows Zero-day aka “Dogwalk” […]
June 3rd 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Microsoft Diagnostics Tool Remote Code Execution Zero Day; New Windows Search zero-day added to Microsoft protocol nightmare; Vendor Refuses to Remove […]
Threat Intel Flash Briefing – Microsoft Diagnostics Tool Remote Code Execution Vulnerability
There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft Office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets […]
May 27th 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: PDF Malware Is Not Dead Yet; Detecting & Preventing Rogue Azure Subscriptions; Python and PHP Library Updated with ‘Extra’ Features by […]
May 20th 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Gootloader & Gootkit Analysis by DFIR Report and Red Canary; Authenticated PetitPotam Lives On (CVE-2022-26925); The Hunter Becomes the Hunted: Evicting […]
May 13th 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Threat Actor using Windows Event Logs for “fileless” Malware; CVE-2022-1388 – F5 BIG-IP PoC Released; CVE-2021-22600 – Privilege Escalation Bug In […]