Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Persistence Through Service Workers—Part 2: C2 Setup and Use
Exploit Shadow Workers to inject malicious JavaScript, execute arbitrary commands in a victim's browser, and proxy traffic through their active session,…
Persistence Through Service Workers—Part 1: Introduction and Target Application Setup
Learn how to exploit Shadow Workers using a compromised WordPress server, a powerful proxy for browser-based attacks, with a step-by-step guide on setting up a…
They’re Watching You! Protecting Yourself From Hidden Cameras
Detect hidden cameras with your smartphone, using visual detection methods like flashlight scans and IR remote tests, or network detection tools that reveal…
Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do?
Understanding supply chain security is crucial for businesses to protect their infrastructure and mitigate risks, ensuring long-term success and safeguarding…
Why your threat hunting program building shouldn't stop once the engagement is over
Understanding post-assessment Threat Hunting requirements, from program alignment to operational staffing and constraints, to ensure ongoing Threat Hunting…
Update: The Defensive Security Strategy
Prevent massive security breaches by protecting your perimeter, employees, and sensitive data with proactive monitoring, secure communication, and robust…
Obsidian, Taming a Collective Consciousness
Sam Link explores the benefits of Obsidian for team knowledge management, including Markdown, plaintext backend, Git integration, reduced overhead, and a…
Introducing iHide: A New Jailbreak Detection Bypass Tool
Bypass jailbreak detection in iOS applications with iHide, a new tool that enables seamless testing on rooted or jailbroken devices, allowing for Keychain…
Oh, Behave! Figuring Out User Behavior
Understanding Windows user behavior without triggering EDRs, Oddvar Moe explores Windows Timeline data stored in a SQLite database, providing valuable insights…
Is Cyber Insurance Becoming Worthless?
Is cyber insurance becoming worthless due to rising ransomware attacks and increasing policy denials, leaving businesses to shoulder all costs?
Reducing Merchant Scope to Ease the Compliance Burden
Implementing P2PE or E2EE solutions can significantly reduce PCI compliance scope, saving merchants time and effort, and allowing for a 90% reduction in…
BITS Persistence for Script Kiddies
BITS provides programmatic persistence for a command line of your choice using the IBackgroundCopyJob2::SetNotifyCmdLine method.
Loading...