In this week’s review: Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporary The DFIR […]
July 8th 2022 CTP Week in Review: Office Macros – BRC4 – QNAPWorm – Leaky S3 Buckets – Prevention Over Response
In this week’s review Microsoft Rolls Back Decision to Block Office Macros By Default 😢 Possible APT29/Ransomware Groups Use of Brute Ratel C4 When Pentest […]
7 Awesome Ways to Show Off Your Skills as a Pentester
Introduction Cybersecurity is an extremely fast moving field. While there are some tried and true things in cybersecurity, there are just as many things […]
July 1st 2022 CTP Week in Review: LNK Malware – LockBit 3.0 Bug Bounty – PwnKit Exploitation In The Wild
In this week’s review Rise of LNK (Shortcut files) Malware LockBit 3.0 Released Now With Bug Bounty Program CISA Says PwnKit Exploited in the Wild […]
June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever
In this week’s review: New NTLM Relaying Attack via DFSCoerce Ransomware Potential for OneDrive & SharePoint Files Keeping PowerShell: Security Measures to Use and Embrace […]
June 17th 2022 CTP Week In Review: BlackCat – LockBit 2.0 – Saitama DNS Tunneling – Exposed Travis CI Logs
In this week’s review: The rise of BlackCat (ALPHV) ransomware Microsoft Analysis of BlackCat AdvIntel Analysis of BlackCat Ransomware Group Debuts Searchable Victim Data LockBit […]
June 10th 2022 CTP Week in Review: Dogwalk – Qakbot – Follina – ESXi Ransomware
In this week’s review: A DFIR Report with no Ransomware and no Cobalt Strike Path Traversal & MOTW Bypass – DIAGCAB Windows Zero-day aka “Dogwalk” […]
It’s a Trap! Avoid These 4 Common Pentesting Mistakes
Introduction Penetration testing and ethical hacking is awesome and it’s all a TON of fun. Well, most of the time, when you’re not troubleshooting for […]
June 3rd 2022 – Cyber Threat Perspective – Week in Review
In this week’s review: Microsoft Diagnostics Tool Remote Code Execution Zero Day New Windows Search zero-day added to Microsoft protocol nightmare Vendor Refuses to Remove […]
Threat Intel Flash Briefing – Microsoft Diagnostics Tool Remote Code Execution Vulnerability
There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets […]