Significant Business Email Compromise Payloads: 2025 State of InfoSec Series
If you’ve been following along with our State of InfoSec series this year, you’ll know that we have been reviewing…
Read post
Category: Labs
Token Theft Attacks & MFA Defeat: 2025 State of Infosec Incident Stories
Welcome to the second post in our series of incident response stories following our recent engagements. Over the past two…
2025 State of Infosec: Incident Response Stories and Useful Findings
If you’ve been interacting with FRSecure for a while, you may recall our State of Information Security report. Published in…
Introducing Project Hyphae: Free Threat Intel
I am very excited to announce a new initiative powered by FRSecure that will be known as Project Hyphae. We…
The REBOL Yell: A New Novel REBOL Exploit
A novel exploit explained and why default deny and user awareness are still king! Ever heard of REBOL? If not,…
Living Off The Land Attacks: Tools, Tactics, and Prevention
Introduction Living off the land (LOTL) is a term that gets thrown around a lot at security conferences and webinars,…
Year of the Zero-Day Vulnerability: Phishing with Minks
Ahhh, summer is upon us. Barbecues, fireworks, swimming pools, and (of course) zero-day vulnerabilities and ransomware. Wait… what? If you…
SolarWinds Compromise Update and Recommendations
By now you have likely heard about the SolarWinds compromise and supply chain attack. We wanted to get a notice out…
Golden Ticket Attack: Detecting and Preventing
Let’s talk about Mimikatz and golden ticket attacks! And we don’t mean the Wonka bars, but something far more malicious.…
Making Sense of RDP Connection Event Logs
Investigating lateral movement activities involving remote desktop protocol (RDP) is a common aspect when responding to an incident where nefarious…
File System Forensic Analysis: Creating an Initial Timeline
Now you know about benefits of using a timeline on technological and intellectual levels. But how can you create a…
From Zero to Hero: A ZeroLogon (CVE-2020-1472) Love Story
How many logons do you have? Zero! You’re a threat-actor; you have zero logons, and you need some. Enter our…