Most common MITRE ATT&CK tactics and techniques: CISA shares most common RVAs

Introduction: CISA has mapped a list of Risk and Vulnerability Assessments, or RVAs, to the MITRE ATT&CK Framework and has released its findings to the public in a data-packed report.…

J3rryBl4nks’s PEN-300 Approach

Guest post by J3rryBl4nks, OffSec student and OSCP holder. My PEN-300 Approach: My name is J3rryBl4nks. I have been in roles in information technology for 17 years. I started out…

New Exploit Development Course: EXP-301

When we announced our intention to retire our Cracking the Perimeter (CTP) course and revamp the OSCE certification, we also shared information about the courses which would replace it. Those…

Database Penetration Testing

In this post, I would like to share knowledge and experience while doing Database Penetration Testing. The purpose of Penetration Testing is to find vulnerabilities within the system and simulate…

Analysis of ransomware used in recent cyberattacks on health care institutions

Introduction: In recent years, there has been a steady increase in the number of ransomware attacks on healthcare institutions. The pressure such institutions experienced as a result of the COVID-19…

Actionable Detections: An Analysis of ATT&CK Evaluations Data Part 2 of 2

Jamie Williams, Jun 18, 2020. In part 1 of this blog series, we introduced how you can break down and understand detections by security products. When analyzing…

Network traffic analysis for IR: Data exfiltration

Introduction: Understanding network behavior is a prerequisite for developing effective incident detection and response capabilities. ESG research has found that 87 percent of companies use Network Traffic Analysis (NTA) tools…

XML Injection Attack review

In this post, I would like to share about the XML Injection Attack, which might be useful in some scenarios. For those who are not familiar with the XML Injection attack, XML…

Threat hunting with osquery

Introduction: In this article, we take a look at osquery and how it can be used to query the security, reliability and compliance information of systems within your network environment.…

How WannaCry Ransomware Crippled Healthcare

Perspective: What do you get when you combine stolen government hacking tools, an unpatched system, and shady operatives from North Korea? The answer is one seriously debilitating cyber attack. Using…