Obfuscating Malicious, Macro-Enabled Word Docs

Posted by Brendan Ortiz on September 13, 2021

Evil Clippy 1200X934

Overview I was working on my OSEP certification when I was inspired to stop studying for a bit to deep-dive into malicious word documents. The OSEP certification inspired a lot of the content you'll see here and gave me a base to work up from. If you're looking for your next cyber security knowledge binge, I'd highly recommend the OSEP....Continue reading 

Common Endpoint (NGAV/EDR) Mistakes and How to Avoid Them

Posted by Gene Abramov on June 15, 2020

Endpoint Mistakes June2020

We perform hundreds of offensive security engagements such as penetration testing and red teaming every year.  During these engagements, we commonly exploit vulnerabilities to obtain some initial level of access and perform post-exploitation to demonstrate what an attacker could do and how far they could go.  Along the way, we have encountered just about every security control imaginable;...Continue reading 

Medical Exploitation: You Are Now Diabetic

Posted by Faisal Tameesh on February 14, 2019

Glucometer 2

A few months ago, our CTO and hacker-in-chief, Jake Reynolds, bought a glucometer online along with all the necessary stuff to make it work. He thought it would make for an interesting project, as researching this device and its related infrastructure could help improve security in a worthwhile field: health / medical devices. During a slower week at the office, I...Continue reading 

Have Questions?
Get Answers