Stop Spoofing Yourself! Disabling M365 Direct Send
Remember the good ‘ol days of Zip drives, Winamp, the advent of “Office 365,” and copy machines that didn’t understand email authentication? Okay, maybe they weren’t so good! For a […]
Blue Team
Detecting ADCS Privilege Escalation
Active Directory Certificate Services (ADCS) is used to manage certificates for systems, users, applications, and more in an enterprise environment. Misconfigurations in ADCS can introduce critical vulnerabilities into an enterprise Active Directory environment.
Caging Copilot: Lessons Learned in LLM Security
For those of us in cybersecurity, there are a lot of unanswered questions and associated concerns about integrating AI into these various products. No small part of our worries has to do with the fact that this is new technology, and new tech always brings with it new security issues, especially technology that is evolving as quickly as AI.
Communicating Security to the C-Suite: A Strategic Approach
Engaging with the C-suite is not just about addressing security concerns or defending budget requests. It’s about establishing and maintaining an ongoing discussion that aims to align security objectives with the interests of the business.
Go-Spoof: A Tool for Cyber Deception
Go-Spoof brings an old tool to a new language. The Golang rewrite [of Portspoof] provides similar efficiency and all the same features of the previous tool but with easier setup and useability.
Canary in the Code: Alert()-ing on XSS Exploits
I’ve been a web application pentester for a while now and over the years must have found hundreds of cross-site scripting (XSS) vulnerabilities.1 Cross-site scripting is a notoriously difficult problem […]
5 Things We Are Going to Continue to Ignore in 2025
In this video, John Strand discusses the complexities and challenges of penetration testing, emphasizing that it goes beyond just finding and exploiting vulnerabilities.
Questions From a Beginner Threat Hunter
Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry This article was originally published in the Threat Hunting issue of our infosec […]
One Active Directory Account Can Be Your Best Early Warning
Here we go again, discussing Active Directory, hacking, and detection engineering. tl;dr: One AD account can provide you with three detections that if implemented properly will catch common adversarial activities […]