Have you ever had to download a Microsoft Word document from a co-worker, friend, family member? I know I have. Now imagine you think you receive a Word document from your boss titled “New Promotions/Raises”. Without thinking, you go to download and ... READ MORE
Main Content
From the War Room Blog
CISA Issues Rare Directive Regarding VMware Exploits
In a directive posted on May 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) declared that all Federal Civilian Executive Branch agencies were required to perform actions on several VMware products: VMware Workspace ONE ... READ MORE
Lateral Movement with Low Privilege Shell for Red Teams
After hours of OSINT (Open-Source Intelligence) and social engineering campaigns, your Red Team has finally obtained the coveted internal shell. The username, IP address, host and operating system information populates your (Command and Control) C2 ... READ MORE
CVE and CVSS scores: Making Vulnerabilities Make Business Sense
Late last year, news spread in the cybersecurity community about the zero-day Apache Log4j vulnerability. This vulnerability was somewhat unique—it was dangerous enough to warrant breathless news coverage, causing concern far outside of cybersecurity ... READ MORE
Scam Calls and Manipulation: How to Recognize Suspicious Content
The experience is almost universal—you notice an unknown, but not entirely unfamiliar number flash across your screen during your workday. Because the number shares an area code with your location, you assume that you’re finally receiving a follow-up ... READ MORE
Russia Ukraine Conflict Observables
With the rise of cyberwarfare against Ukraine and Russia, one could agree that there could be potential blowback from the sanctions that the United States has placed on the country of Russia. Some of the attacks that have been observed against ... READ MORE