War Room https://warroom.rsmus.com Shells From Above Wed, 11 Mar 2026 21:06:39 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://warroom.rsmus.com/wp-content/uploads/2018/09/cropped-favicon-32x32.png War Room https://warroom.rsmus.com 32 32 When Your Browser Becomes the Attacker: Detecting Drive-By Script Execution in the Wild https://warroom.rsmus.com/when-your-browser-becomes-the-attacker-detecting-drive-by-script-execution-in-the-wild/ Wed, 11 Mar 2026 19:46:54 +0000 https://warroom.rsmus.com/?p=6331 Fake Captcha Chains – Portable Behaviors, Practical Detections, And Field Notes https://warroom.rsmus.com/fake-captcha-chains/ Tue, 14 Oct 2025 18:28:19 +0000 https://warroom.rsmus.com/?p=6301 Threat Hunting Win: Uncovering Multi-Stage Malware from RMM Abuse https://warroom.rsmus.com/threat-hunting-win-uncovering-multi-stage-malware-from-rmm-abuse/ Thu, 05 Jun 2025 12:57:05 +0000 https://warroom.rsmus.com/?p=6280 Microsoft and HPE targeted by Cozy Bear in seemingly unrelated attacks https://warroom.rsmus.com/microsoft-and-hpe-targeted-by-cozy-bear-in-seemingly-unrelated-attacks/ Mon, 29 Jan 2024 14:41:52 +0000 https://warroom.rsmus.com/?p=6129