Spencer Alessi

Pentester/recovering sysadmin
Self-proclaimed Ethical Threat
Active Directory Security Connoisseur
Offensive stuff — securit360.com
Host Cyber Threat POV — offsec.blog
SWAG — swag.ethicalthreat.com

Featured Post

🕵️‍♂️Ethical Threat Insights: Microsoft Really Wants Your Data

What's up everyone! Happy Monday. It's another great week over here because yes, I am again on another internal pentest engagement. This time the client's in the financial services industry. The last few before that have been law firms. Lot of exciting stuff in the works for me personally and with SecurIT360, so stay tuned. Have an awesome week! I appreciate you being a part of this newsletter community. 🙏

🩺Threat Pulse

Microsoft’s killing script used to avoid Microsoft Account in Windows 11...

Happy Monday! For those following cybersecurity news, this past week has been a doozy! While I hope this newsletter helps you stay up to date, I am really focused on the insights we can obtain from all that’s going on. If you get value and you’d like to reciprocate, the best way to do that is by sharing my newsletter subscribe link on social media. Truly appreciate you! Have an amazing week. 🙏

🩺Threat Pulse

VSCode extensions found downloading early-stage ransomware

Two malicious Visual Studio...

It's been an incredibly busy few weeks over here, I haven't had much time to get outside and touch some grass. But the weather is getting warmer and I am so ready for it! I hope you enjoy this week's email! I would love if you would reply and tell me which parts you liked or didn't care for. It won't hurt my feelings, I promise!

🩺Threat Pulse

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

Cybercriminals are deploying fake Microsoft OAuth applications disguised as Adobe and...

Hey, happy Monday! I hope you had a super great weekend. I put time and attention into trying to deliver a valuable newsletter. A newsletter that I myself would look forward to reading. I hope I am able to deliver on that for you. If you do get value, please hit reply and let me know which section you like the most! Thanks so much 🙏 Have an awesome week!

🩺Threat Pulse

Ransomware gang encrypted network from a webcam to bypass EDR

What you should take away from this article: EDR alone is no longer...

ADeleg: The Active Directory Security Tool You’ve Never Heard Of

Brave Readers Continue…

During an internal pentest, I found an issue where the “Everyone” group in Active Directory had “FullControl” over the root of the domain. After I picked my jaw up off the floor, I quickly validated it with another tool. That tool, and the discoveries I made afterwards with that tool, are the reason for this article. Fast forward to today, and I’ve made it my mission to identify vulnerabilities and...

Unsecured VNC Credentials Leads to Admin PAW Compromise

How discovering a VNC settings file on a file share during a penetration test led to compromising an admin privileged access workstation (PAW).

PAW (Privileged Access Workstation): a hardened device for the purpose of performing administrative tasks only. These systems typically have strict application and access control, and daily use tasks such as browsing the internet and using email are not allowed.

VNC: Virtual Network Computing...