Threat Blog

Filter By

Certified Pre-Owned ADCS and PetitPotam: Executing the Full Attack Chain with Windows and Linux

This blog provides a tutorial on executing a full attack chain from both Linux and Windows machines of Will Schroeders AD Certificate Services research

Read More
Malicious Cryptomining & Other Shifting Threats

Tevora Talks dForce $25 Million Crypto Hack, Blockchain, Blackmarket and security with Kevin Soltani

Watch Video
PsyOps: Deep Dive into Social Engineering Attacks

Social engineering campaigns continue to be one of the primary methods that adversaries use to gain an initial foothold in an organization. Red teams and Advanced Persistent Threat (APT) groups often times use phishing techniques and pretexted phone calls to coerce users to either disclose sensitive information or execute malicious…

Read More
Finding Broken Access Controls

This blog post is intended to be a guide on effective and efficient methods of identifying broken access control.

Read More
Attacking the Perimeter

Hackers, both white and black hat, depend considerably on open-source intelligence (OSINT) derived from publicly available information. Security professionals’ knowledge of OSINT collection methods and techniques is crucial for assessing threats. In this post we use tesla.com in some examples. We chose them solely due to the fact that…

Read More
DIY Leaked Credential Search Engine – Part 1

IntroductionThis post will walk through the process we followed to build a search engine for leaked credentials from publicly disclosed breaches/database leaks using Django REST Framework and PostgreSQL. At the end of this blog, you should have all you need to build an API and frontend Web Application that…

Read More
Atomic Red Team Windows Execution Engine

Atomic Red Team is an excellent collection of commands, activities, and other Indicators of Compromise (IoCs) developed and maintained by Red Canary that your blue team can benchmark against to hone their craft.

Read More
MuleSoft Runtime < 3.8 Unauthenticated RCE (CVE-2019-13116)

This blog post details a pre-authentication deserialization exploit in MuleSoft Runtime prior to version 3.8.

Read More
Smoke and Mirrors | Red Teaming with Physical Penetration Testing and Social Engineering

In this post, we will illustrate the roadmap of a physical penetration test and advise how to successfully infiltrate into a corporate environment.

Read More