Rogue Devices As Vector For Kinetic Attacks
UPDATE: This blog post was written prior to the USB explosive incident in Ecuador. Some edits have been made to note these events. DISCLAIMER* The following blog post describes a […]
UPDATE: This blog post was written prior to the USB explosive incident in Ecuador. Some edits have been made to note these events. DISCLAIMER* The following blog post describes a […]
White Oak Security discovered a “Zip Slip” Authenticated Remote Code Execution vulnerability in Frevvo Live Forms. Frevvo Live Forms is a workflow automation software used to automate processes and forms. […]
On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a Denylist in an attempt to prevent active exploitation. This post details […]
When I first came to White Oak Security, I was presented with a unique opportunity to do some training for threat hunting assessments. Prior to that point, I had some […]
LoRa Frequency The Internet of Things (IoT) has revolutionized the way we live and work, connecting an ever-growing number of devices and systems to the internet. One key technology that […]
Hi, again folks! Welcome back, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in the Cyber Security field has been focused on […]
On a recent Red Team engagement, White Oak Security had compromised a domain and dumped the Active Directory user password hashes. We attempted to pivot into another domain using shared […]
Phishing Leadership Thanks for returning for part 2 of Phishing For Success! If you missed Phishing For Success – Part 1, be sure to catch up. 😜🎣 Newer to White Oak […]
Leadership In Cyber Security Hi folks, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in cyber security has been focused heavily on […]
Credential Access Without Mimikatz On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]