In this week’s review Detecting SharpHound using Decoys UNC3524: Eye Spy on Your Email | Mandiant The New Initial Access Trend: ZIPs, ISOs & LNKs […]
Subscribe to the CyberThreatPOV Podcast
What to Expect During Your Upcoming External Penetration Test
Background Customers often have questions about their upcoming external network penetration test. Many times our analysts are asked: What systems will be affected? Will this […]
3 Easy Wins For Defenders From A Pentesters Point Of View
There’s no shortage of stories about how a bad actor was able to compromise a user’s computer, and within minutes, move laterally, achieve Domain Admin […]
Threat Intel Flash Briefing – Kerberos Relaying to Local SYSTEM
There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research […]
A Vulnerability Assessment is NOT a Penetration Test
Introduction Understanding the difference between a penetration test and a vulnerability assessment is critical to understanding security posture and managing risk. Vulnerability assessments and Penetration tests (pen test for […]