Attackers are using a fake Microsoft support page to deliver password-stealing malware disguised as a Windows update and antivirus tools missed it entirely. Learn how the attack works and what your team can do to stay protected.
Resources
Blog
Blog
Keep up to date with the latest offensive security news, knowledge, and resources.
Andy Grant explores what happens when you remove time-boxes, checklists, and rigid scope from offensive security and trust skilled engineers to follow their intuition.
PTaaS improved how testing is delivered. Continuous PTaaS improves security outcomes. Learn what your program needs to actually reduce risk over time.
The Axios supply chain attack exposed why dependency scanning fails against credential compromise. Learn how attackers backdoor popular packages and what your penetration tests are missing.
Four botnets. Three million devices. The same IoT vulnerabilities security teams have deprioritized for years. What defenders keep getting wrong.
Legacy healthcare systems can’t be patched but they can’t be ignored. Learn how to pentest around clinical assets without disrupting patient care.
