In This Weeks Review PDF Malware Is Not Dead Yet Detecting & Preventing Rogue Azure Subscriptions Python and PHP Library Updated with ‘Extra’ Features by […]
May 20th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review Gootloader & Gootkit Analysis by DFIR Report and Red Canary Authenticated PetitPotam Lives On (CVE-2022-26925) The Hunter Becomes the Hunted: Evicting […]
May 13th 2022 – Cyber Threat Perspective – Week in Review
In This Weeks Review Threat Actor using Windows Event Logs for “fileless” Malware CVE-2022-1388 – F5 BIG-IP PoC Released CVE-2021-22600 – Privilege Escalation Bug In […]
May 6th, 2022 – Cyber Threat Perspective – Week in Review
In this week’s review Detecting SharpHound using Decoys UNC3524: Eye Spy on Your Email | Mandiant The New Initial Access Trend: ZIPs, ISOs & LNKs […]
What to Expect During Your Upcoming External Penetration Test
Background Customers often have questions about their upcoming external network penetration test. Many times our analysts are asked: What systems will be affected? Will this […]
3 Easy Wins For Defenders From A Pentesters Point Of View
There’s no shortage of stories about how a bad actor was able to compromise a user’s computer, and within minutes, move laterally, achieve Domain Admin […]
Threat Intel Flash Briefing – Kerberos Relaying to Local SYSTEM
There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research […]
A Vulnerability Assessment is NOT a Penetration Test
Introduction Understanding the difference between a penetration test and a vulnerability assessment is critical to understanding security posture and managing risk. Vulnerability assessments and Penetration tests (pen test for […]