It’s no secret law firms have become prime targets for attackers due to the sensitive information they handle and the clients they do business […]
9-16-22 Week in Review: Uber Hacked, Teams Cleartext Tokens, Intermittent Ransomware Encryption
In this week’s review: Uber was hacked; Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs; Ransomware Developers Turn to Intermittent Encryption […]
8-19-22 Week in Review: Password Snooping, Supply Chain, Cl0p Ransomware
In this week’s review: Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPY; Realtek SDK Vulnerability Exposes Routers; InfoSec Handlers Diary Blog – SANS […]
8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers
In this week’s review: Large-Scale AiTM Attack targeting enterprise users of Microsoft email services; Deception at a scale; Initial Access Brokers Are Key to […]
July 29th 2022 Week In Review: Intergalactic Planetary Phishing, ISOs & LNKs, Ransomware & Extortion
In this week’s review: IPFS The New Hotbed of Phishing; How Threat Actors Are Adapting to a Post-Macro World; Palo Alto 2022 Incident Response […]
July 22nd 2022 CTP Week in Review: RIP Macros, Bad Luck BlackCat, Mr. Eagle
In this week’s review: Microsoft resumes default blocking of Office macros after updating docs (https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked); A potentially dangerous macro has been blocked; BlackCat ransomware […]
July 15th 2022 CTP Week in Review: Macros, Coin Miners, Rustomware, Cookie Phishing
In this week’s review: Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporary; The DFIR […]
July 1st 2022 CTP Week in Review: LNK Malware – LockBit 3.0 Bug Bounty – PwnKit Exploitation In The Wild
In this week’s review: Rise of LNK (Shortcut files) Malware; LockBit 3.0 Released Now With Bug Bounty Program; CISA Says PwnKit Exploited in the Wild […]
June 24th 2022 CTP Week In Review: DFSCoerce, Ransomware in OneDrive & PowerShell Forever
In this week’s review: New NTLM Relaying Attack via DFSCoerce; Ransomware Potential for OneDrive & SharePoint Files; Keeping PowerShell: Security Measures to Use and Embrace […]
June 17th 2022 CTP Week In Review: BlackCat – LockBit 2.0 – Saitama DNS Tunneling – Exposed Travis CI Logs
In this week’s review: The rise of BlackCat (ALPHV) ransomware; Microsoft Analysis of BlackCat; AdvIntel Analysis of BlackCat; Ransomware Group Debuts Searchable Victim Data; LockBit […]