More isn’t better. Better is better. Quantity fades. Quality lasts. Ethical Threat Insights: Deception, the best ROI in Security There is a misconception that more security alerts == safer environment. The reality is that’s not true. Better alerts == more actionable evidence means you’re responding to what matters most, not when your server goes haywire because of a benign scheduled task. Deception is the best ROI in security because: It’s inexpensive (especially compared to “traditional”...
26 days ago • 1 min read
Attackers love certificates. They open doors most people forget to lock. Ethical Threat Insight: Certificate Abuse Attacks Think certificates only protect websites? Inside your network, they’re like digital ID cards for users, computers, web servers, and even domain controllers. But here’s the problem… A weak or misconfigured certificate can let attackers: Impersonate administrators Escalate privileges Persist quietly Simple tip: Start by auditing your AD Certificate Services (ADCS) using...
about 1 month ago • 1 min read
Hey there! Hope you had a great weekend. Let's get into it! 🩺Threat Pulse China’s Tacit Admission of Volt Typhoon Attacks At a December 2024 Geneva summit, China’s Ministry of Foreign Affairs cyber official Wang Lei made ambiguous remarks that U.S. delegates interpreted as a confession of Beijing’s role in the Volt Typhoon campaign—cyber intrusions on U.S. infrastructure tied to Washington’s support for Taiwan. Key Takeaways: The U.S. delegation saw Wang Lei’s comments as a warning: China is...
3 months ago • 4 min read
Hey there! Hoping you had an awesome weekend! It's cold and rainy here in NY and I am literally so over it. Hah. I hope you enjoy this week's newsletter. Please hit reply and leave me some feedback or roast me. Would love to tune this and make it incredibly useful and valuable to you. I will consider ALL ideas. 🩺Threat Pulse GitHub expands security tools after 39 million secrets leaked in 2024 GitHub detected over 39 million leaked secrets, such as API keys and credentials, in repositories...
4 months ago • 4 min read
What's up everyone! Happy Monday. It's another great week over here because yes, I am again on another internal pentest engagement. This time the client's in the financial services industry. The last few before that have been law firms. Lot of exciting stuff in the works for me personally and with SecurIT360, so stay tuned. Have an awesome week! I appreciate you being a part of this newsletter community. 🙏 🩺Threat Pulse Microsoft’s killing script used to avoid Microsoft Account in Windows 11...
4 months ago • 4 min read
Happy Monday! For those following cybersecurity news, this past week has been a doozy! While I hope this newsletter helps you stay up to date I am really focused on the insights we can obtain from all that’s going on. If you get value and you’d like to reciprocate, the best way to do that is by sharing my newsletter subscribe link on social media. Truly appreciate you! Have an amazing week. 🙏 🩺Threat Pulse VSCode extensions found downloading early-stage ransomware Two malicious Visual Studio...
4 months ago • 5 min read
It's been an incredibly busy few weeks over here, I haven't had much time to get outside and touch some grass. But the weather is getting warmer and I am so ready for it! I hope you enjoy this week's email! I would love if you would reply and tell me which parts you liked or didn't care for. It won't hurt my feelings, I promise! 🩺Threat Pulse Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts Cybercriminals are deploying fake Microsoft OAuth applications disguised as Adobe and...
5 months ago • 4 min read
Hey, happy Monday! I hope you had a super great weekend. I put time and attention into trying to deliver a valuable newsletter. A newsletter that I myself would look forward to reading. I hope I am able to deliver on that for you. If you do get value, please hit reply and let me know which section you like the most! Thanks so much 🙏 Have an awesome week! 🩺Threat Pulse Ransomware gang encrypted network from a webcam to bypass EDR What you should take away from this article: EDR alone is no longer...
5 months ago • 3 min read
ADeleg: The Active Directory Security Tool You’ve Never Heard Of Brave Readers Continue… During an internal pentest, I found an issue where the “Everyone” group in Active Directory had “FullControl” over the root of the domain. After I picked my jaw up off the floor, I quickly validated it with another tool. That tool, and the discoveries I made afterwards with that tool, are the reason for this article. Fast forward to today, and I’ve made it my mission to identify vulnerabilities and...
over 1 year ago • 6 min read