How would you react if you found this in your company inbox? You may want to ignore and many will take the fear bait and […]
Bypassing AV with Hoaxshell – Windows Defenders
T3l3machu recently released Hoaxshell and Villain, both of which are excellent tools that easily make it to our red team operations arsenal. What makes these […]
Defending against account takeover (ATO) attack.
Account takeover is a form of identity theft and fraud, where a malicious third party successfully gains access to a user’s account credentials. A successful […]
Mitigating Windows Print Spooler “PrintNightmare” Vulnerability.
Microsoft has acknowledged the new vulnerability that affects the Windows Print Spooler service, giving attackers leverage to execute remote code with system-level privileges on all […]
New Research shows vulnerability in Google Titan 2FA security Key
A new attack vector demonstrates how hardware security keys used for 2FA, such as from Google and Yubico, can be cloned by threat actors via […]