As a Cyber Threat Intelligence (CTI) Analyst, my daily work often involves analyzing suspicious domains that look like our clients’ brands. One of our goals is to prevent phishing campaigns and brand abuse. We usually hunt for external threats like typosquatting. However, sometimes the most dangerous threat comes directly from the legitimate infrastructure within the…
Read MoreThis is the first article in the RTO series The Problem Red team and penetration testing activities are full of repetition: the network scans, reconnaissance, OSINT collection, and routine validation tasks are all necessary, but they’re also time-consuming and error-prone when executed manually. Over time, most teams end up with a zoo of scripts, half-maintained…
Read MoreIn our previous post about Exposure Assessment, we described how we outline a target’s infrastructure using SATAYO, our Cyber Threat Intelligence (CTI) platform. This means that we collected the identifiers of all the target’s machines, i.e., their host names and IP addresses. Now it’s time to understand which machines could allow an attacker to gain…
Read MoreOverview of discovering hostnames and IP addresses using OSINT techniques.
Read MoreThe goal of this article is to present the point of view of the Red Team SEC4U at Würth Phoenix regarding the ominous PrintNightMare vulnerability that has been talked about so much in recent days. A summary for those who did not receive hardly any information about this: it’s a weakness in the Microsoft Windows…
Read More