Cybersecurity Blog

Good command-and-control infrastructure requires a known, trusted domain. When you’re first starting out, this can be difficult to find, but luckily other testers have provided many great resources.

So, let’s dive into what’s available and how to make the right choices when building out an attack infrastructure.

Read More...

It’s pretty common for companies to bundle social engineering into their penetration testing programs. But when the report shows up, you may find you’re surprised and frustrated at the rate of employees clicking links to open malicious documents. How were my employees so easily manipulated? And why didn’t anyone on the IT staff catch this? Don’t sweat it. Happens to more people than you can imagine. We’ve got guidance for three forms of remediation.

Read More...

There are cybersecurity phishing streams & threats constantly growing and evolving. Email spam is no longer the front line of the battlefield. Here are 3 new phishing streams beyond email - and how to safeguard them.

Read More...