 It’s an unfortunate truth that we see these common high risk findings time and time again on internal pentests. We find these issues on […]
Subscribe to the CyberThreatPOV Podcast
8-26-22 Week in Review: LastPass Breach, Office 365 Abuse, DevSecOps
 In this week’s review Hackers Breach LastPass Developer System to Steal Source Code You Can’t Audit Me: APT29 Continues Targeting Microsoft 365 | Mandiant […]
Episode 4: 7 Awesome Ways to Show Off Your Skills as a Pentester
 In order to stay relevant and up-to-date with new techniques and tools, it requires a certain amount of focus day after day, week after […]
8-19-22 Week in Review: Password Snooping, Supply Chain, Cl0p Ransomware
 In this week’s review Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPY Realtek SDK Vulnerability Exposes Routers InfoSec Handlers Diary Blog – SANS […]
Episode 3: It’s a Trap! Avoid These 4 Common Pentesting Mistakes
This podcast is a discussion about 4 Common Pentesting Mistakes that we oursleves have made and have seen other pentesters make. Hopefully, the dialog around […]
8-12-22 Week in Review: BumbleBee Malware & High Profile Phishing Attacks
 In this week’s review BumbleBee Roasts Its Way to Domain Admin SMS & Voice Phishing Attacks https://www.twilio.com/blog/august-2022-social-engineering-attack https://blog.cloudflare.com/2022-07-sms-phishing-attacks/ https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html If you’re on the go, […]
Episode 2: How to Find Passwords on Network Shares Before Attackers Do
 Brad and Spencer discuss a common finding on internal penetration tests. If you’re on to go, listen here or on your favorite podcast app: […]
8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers
 In this week’s review Large-Scale AiTM Attack targeting enterprise users of Microsoft email services Deception at a scale Initial Access Brokers Are Key to […]
Episode 1: Takeaways from the 2022 Verizon Data Breach Investigations Report
This podcast is a discussion about the 2022 Verizon Data Breach Investigations Report and some of our key takeaways. From the Executive Summary of the […]
July 29th 2022 Week In Review: Intergalactic Planetary Phishing, ISOs & LNKs, Ransomware & Extortion
 In this week’s review: IPFS The New Hotbed of Phishing How Threat Actors Are Adapting to a Post-Macro World Palo Alto 2022 Incident Response […]