Malicious eFax Attachments Can Potentially Steal Your Microsoft O365 Password
Phishing attack observed by Polito, Inc., which uses an obfuscated JavaScript attachment to show how to analyze the malicious attack.
top of page
Search
Fred Mastrippolito
- Feb 1
- 3 min
Enhancing Digital Forensics with X-Ways X-Tensions: VirusTotal Plugin
Polito is pleased to release our VirusTotal extension for X-Ways. This open source extension is useful to quickly triage file hashes
Polito, Inc.
- Jan 9
- 1 min
Virginia CyberSlam 2023 - Supporting The Next Generation of Cybersecurity Experts
Polito, Inc. is proud to be a sponsor for the 2023 Virginia CyberSlam event being held at George Mason University today. This event brings t
Esther Matut
- Dec 14, 2022
- 7 min
Beginner Social Media OSINT/Reconnaissance
OSINT, or Open-source Intelligence, are a set of techniques for data collection and analysis that is publicly available from various sources
Mattia Campagnano
- Jun 16, 2022
- 5 min
5 Cybersecurity Lessons From the Ukraine War
Best practices guidelines allow organizations to respond to five lessons learned from the Ukraine war
Esther Matut
- Mar 29, 2022
- 8 min
Wicked6 US Cyber Range CTF: Ladies of Space Cows
On March 23rd and 24th, 2022, Wicked6, sponsored by many companies produced a special 24 hour global women's only CTF event virtually.
Fred Mastrippolito
- Jan 31, 2022
- 2 min
Introducing Hash Exporter for X-Ways: Automate Your Hash Lists
Polito Inc. is pleased to announce that we are releasing the Hash Exporter extension for X-Ways. Hash Exporter helps automate hash extract
Nihaal Prasad
- Oct 5, 2021
- 6 min
Return to Libc: Linux Exploit Development
This blog post will cover how to conduct a ret2libc attack. The ret2libc technique is a tactic used in Linux exploit development that allows
Nihaal Prasad
- Aug 10, 2021
- 7 min
How to go Phishing with Gophish
How to conduct basic phishing campaigns using Gophish, an open-source tool for testing an organization’s vulnerability to phishing.
Mattia Campagnano
- Feb 23, 2021
- 4 min
Top 3 Reasons Why Organizations Should Get a Penetration Test Today
Cybersecurity breaches and other incidents have become increasingly frequent and more impactful over the last year. In a recent high-profile
Liana Parakesyan
- Nov 4, 2020
- 6 min
Masterful Policies and Compliance: Industries, Policies, Regulations, and How to Get Started
Policy assessments should be considered as a cybersecurity best practice and should be conducted annually with other assessments such as vul
Jeffrey Magloire
- Oct 19, 2020
- 4 min
Dynamic Analysis Using Autopsy - Part 1
This blog is going to walk you through using the OPSWAT MetaDefender service with the Autopsy digital forensic tool. The first step would be
Daniel Chen
- Aug 5, 2020
- 3 min
Enhancing Digital Forensics with X-Ways X-Tensions: Metadefender Plugin
To start, you’ll need your MetaDefender Cloud API key ready. You can sign up for MetaDefender’s free API key at opswat.com. You can downloa
Mattia Campagnano & Wade Ma
- Jul 14, 2020
- 9 min
Vulnerability Scanners and the SAINT Experience
Vulnerability scanners assist in the identification and detection of vulnerabilities arising from misconfigurations or insecure coding with
Mattia Campagnano
- May 20, 2020
- 6 min
Weaponizing Windows Binaries and Scripts (LOLBAS): What's Old Is New Again
One of the latest trends in penetration testing and malware development is to weaponize the so-called Living Off the Land Binaries and Scrip
Peter Quach
- Mar 18, 2020
- 6 min
Cybersecurity Tips to Get Through the Coronavirus Pandemic
As we all learn to deal with this new, temporary norm, we must not sacrifice our convictions for strong cybersecurity. Hackers are currently
Wade Ma
- Mar 3, 2020
- 9 min
Automated Obfuscation of Windows Malware and Exploits Using O-LLVM
Today’s malware authors and exploit developers have automated methods of obfuscating their software, When these techniques are combined with
Mattia Campagnano
- Feb 3, 2020
- 9 min
Ransomware Attacks Are on the Rise, Should You Pay the Ransom?
However, sometimes the answer to this question cannot be so clear-cut. Much depends on how valuable the information being held for ransom is
Fred Mastrippolito
- Jun 18, 2019
- 2 min
The CISO asked me to run Ransomware on his laptop
The executive’s laptop had the very latest version of a cloud-based, next-generation antivirus endpoint detection and response software, whi
Liana Parakesyan
- May 15, 2019
- 6 min
Wi-Fi Hacking: A How To for Penetration Testers
To sniff Wi-Fi, we use Alfa USB Wi-Fi adapter which connects to laptop via USB. For longer range sniffing, the 16 dBi Yagi antenna can be co
bottom of page