We share our expertise to make the world a safer place.
InfoSec moves at a rapid pace and sometimes it’s hard to keep up—that’s where we enter the chat.

Discover current cybersecurity insights
Get vital information straight from the experts, without all the noise.

Security Noise - Episode 7.1
CrowdStrike After Action

When on Workstation, Do as the Local Browsers Do!
Introduction: Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…

Gobbling Up Forensic Analysis Data Using Velociraptor
Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years…

The Hunter’s Workshop: Mastering the Essentials of Threat Hunting
As an incident unfolds, skilled threat hunters with a special talent for uncovering hidden threats stand at the ready. These hunters smoke jump into the chaos…

Understanding and Documenting PCI DSS Scope
As new PCI DSS guidance emerges, the expectations placed on auditors and the entities they assess are evolving. New requirement 12.5.2 defines scope…

Oops I UDL'd it Again
Introduction: Phishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email…

Must I TRA?: PCI Targeted Risk Analysis
Use of Targeted Risk Analysis (TRA) is a PCI best practice until March 31, 2025, at which time it becomes required for several controls across many assessment…

Ask Me Anything: Proactive Threat Hunting
As threat actors become more sophisticated, organizations' approaches to finding malicious activity must become more proactive and refined. Dive into the…

Execution Guardrails: No One Likes Unintentional Exposure
A red teamer's guide to avoiding common mistakes when creating a sophisticated implant, including hostname keying, network keying, and external keying, with a…

Government Contractor’s Ultimate Guide to CUI
Controlled Unclassified Information (CUI) is information the Government creates or possesses, or that an entity creates or possesses for or on behalf of the…

Specula: A Red Team Chronicle
Microsoft Outlook is often used as the primary email client in corporate environments, making it a high-value target for threat actors. Any potential to…

Specula - Turning Outlook Into a C2 With One Registry Change
There exist a few singular Registry changes that any non-privileged user can make that transform the Outlook email client into a beaconing C2 agent. Given that…
