Technical

This Caller Does Not Exist: Using AI to Conduct Vishing Attacks

This Caller Does Not Exist: Using AI to Conduct Vishing Attacks

| | AI, Blog, Cybersecurity, TAS, Technical, Threat & Attack Simulation, vishing
As technology advances, attackers are quick to adapt, using cutting-edge innovations to craft social engineering attacks that exploit the one […] ...
The Guiding Point | GuidePoint Security
RansomHub Affiliate leverages Python-based backdoor

RansomHub Affiliate leverages Python-based backdoor

| | Cybersecurity, GRIT, GRIT Blog, Ransomware, SBN News, Technical, vulnerability
In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor […] ...
The Guiding Point | GuidePoint Security
RACE Conditions in Modern Web Applications

RACE Conditions in Modern Web Applications

| | Application Security, Blog, Cybersecurity, Technical
The concept of a RACE condition and its potential for application vulnerabilities is nothing new. First mentioned back in the […] ...
The Guiding Point | GuidePoint Security
Developing and Implementing a Privacy Program

Developing and Implementing a Privacy Program

| | Blog, Cybersecurity, Data Privacy, Data Security, Technical
Privacy Privacy has evolved beyond compliance; its relevance in creating brand loyalty and customer trust has proven to build a […] ...
The Guiding Point | GuidePoint Security
Building and Enhancing OT/ICS Security Programs Through Governance, Risk, and Compliance (GRC)

Building and Enhancing OT/ICS Security Programs Through Governance, Risk, and Compliance (GRC)

| | Cybersecurity, Governance, Risk & Compliance, GRC, OT security, OT Security Services, SBN News, Technical
Operational Technology (OT) and Industrial Control Systems (ICS) are critical components of many industries, especially those within the 16 critical […] ...
The Guiding Point | GuidePoint Security
Understanding DMARC policies – p=none, p=quarantine, p=reject

Understanding DMARC policies – p=none, p=quarantine, p=reject

| | dmarc, Technical
Discover how implementing the right DMARC policy in your business can stop email impersonation, protect brand reputation, and boost deliverability ...
Sendmarc
How Hackers Steal Your RFID Cards

How Hackers Steal Your RFID Cards

| | Blog, Cybersecurity, Red Team, RFID, Security Awareness & Education, Technical, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Radio Frequency Identification (RFID) cards are ubiquitously used to authenticate using a physical token. This technology is often embedded in […] ...
The Guiding Point | GuidePoint Security
How to Make Adversaries Cry: Part 1

How to Make Adversaries Cry: Part 1

| | Blog, Cybersecurity, Technical, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
In the ever-evolving landscape of cybersecurity, defense against intruders requires constant vigilance and proactive measures. For organizations relying on Active […] ...
The Guiding Point | GuidePoint Security

Worldwide Web: An Analysis of Tactics and Techniques Attributed to Scattered Spider

| | Blog, Cybersecurity, GRIT Blog, Technical, Threat Advisory
Additional authors: Rui Ataide and Hermes Bojaxhi Executive Summary In early 2024, we identified a current affiliate of the RansomHub […] ...
The Guiding Point | GuidePoint Security
Leveraging Escalation Attacks in Penetration Testing Environments – Part 1

Leveraging Escalation Attacks in Penetration Testing Environments – Part 1

| | Blog, Cybersecurity, Technical, Vulnerability Management & Penetration Testing
Authors: George Raileanu and Eugene Mar Introduction Together we aim to explore vulnerabilities within Active Directory Certificate Services (AD CS), […] ...
The Guiding Point | GuidePoint Security
Load more