Introduction There is an area in most websites where protections like the ones found on most login pages aren't present; the box where you type the promo/coupon code. An organization with a strong security posture for login pages will usually have ... READ MORE
Main Content
From the War Room Blog

Intel Insights – Phishing with QR Codes
A large phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. Researchers from the security firm, Cofense, observed the attacks against “a major Energy company based in the ... READ MORE

Rhysida Ransomware Attack on PMH and Connections to Vice Society Ransomware
On August 4th, 2023, the parent company of Eastern Connecticut Health Network and Waterbury Health, Prospect Medical Holdings(PMH), announced that all of its facilities were facing IT complications. Prospect Medical Holdings is a parent company to ... READ MORE

Navigating the Digital Frontier: Common Threats in the Blockchain Industry
The Double-Edged Sword of Blockchain Innovation In an era characterized by unprecedented digital innovation, one frontier stands out as both a beacon of potential and a minefield of risk: the blockchain industry. Renowned for its capabilities of ... READ MORE

STORM-0558 Utilizes Acquired MSA Keys to Forge Authentication Tokens Then Attack Outlook Exchange
On July 12, 2023, The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA)(aa23-193a) detailing an attack on an Federal Civilian Executive Branch (FCEB) ... READ MORE

Red Team Assessments vs Penetration Testing Assessments
At RSM, one of our goals is to help guide the client into choosing the right test for them. This isn’t always as simple as it sounds, as it takes into consideration factors such as goals or size of the network. One of the most common questions we ... READ MORE