Red Team

From the Copier to the Keys: Default Printer Credentials and AD ACL Misconfigurations

March 15, 2026

Microsoft 365 Under Siege: Why Your MFA Isn’t Stopping Session Token Theft

February 5, 2026

AiTM attacks completely bypass MFA by stealing authenticated session tokens. We demonstrate real-world M365 account takeover in 12 minutes and provide validated remediation strategies.

Beyond the Password: How Session Token Theft Bypasses MFA and What You Can Do About It

February 3, 2026

Session token theft via AiTM frameworks like Evilginx completely bypasses traditional MFA. We demonstrate real-world Okta account takeover and provide a comprehensive, validated remediation strategy.

2026 Threat Predictions: What CISOs Need to Know

December 18, 2025

The threat landscape is evolving faster than most organizations can adapt. Based on comprehensive research from leading cybersecurity firms and our own penetration testing...

The Most Dangerous Cloud Misconfigurations in 2025

August 27, 2025

After conducting penetration tests across hundreds of cloud environments in 2025, we've identified patterns. The same misconfigurations appear repeatedly, and they're often trivial to...

Bypassing Modern EDR Solutions: What Defenders Need to Know

June 15, 2025

Our red team recently demonstrated how sophisticated threat actors can evade endpoint detection. Here's what we learned and how to strengthen your defenses.

MITRE ATT&CK for Practitioners: How to Map Real Findings to a Common Threat Language

January 15, 2025

ATT&CK mapping transforms isolated pentest findings, vulnerability scan results, and incident timelines into a structured, measurable view of adversary behavior. This practical guide walks through a repeatable five-step methodology for mapping real findings to ATT&CK techniques.

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

Cyber safety 101: How to fight security threats and outsmart scammers

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage

Illicit VS Code projects tapped to deploy StoatWaffle malware

Iran-linked hackers target second U.S. medical institution, researchers say

Ransomware Inc. and the startup approach to cybercrime

New Npm ‘Ghost Campaign’ Uses Fake Install Logs to Hide Malware

Geopolitical Shifts and Their Impact on Global Supply Chains

Geopolitics is a permanent force in global policy, feels economist Gita Gopinath

A Look At SiteOne (SITE) Valuation After Geopolitical Tensions Ease And Cyclical Stocks Rally

Central banks seen sustaining gold demand amid geopolitics and dedollarisation

Is Cboe Global Markets (CBOE) Fairly Priced After Strong Multi‑Year Share Gains?

Wall Street Holds Firm as War Shakes Global Markets

Policy Whiplash: Global markets swing between hope and uncertainty

Global Markets Quake as Iraq Strike Deepens Energy Crisis

Martin Persson, Chalmers University of Technology

How to create “humble” AI

ETIH Innovation Awards 2026 names Scott Thompson as judge | ETIH EdTech News

Investigators face new struggles in the age of AI and technology

Iran war shows norms of international conflicts have been upended

The Oscars must go on… in the middle of a global conflict?

Property Play: JLL CEO on how global conflicts and capital shifts are reshaping CRE

Euro Zone’s Economic Strain Amid Rising Inflation and Global Conflicts

Red Team