Rhino Security Labs

Strategic & Technical Blog

Abusing Microsoft Word Features for Phishing: “subDoc”

Hector Monsegur
January 2, 2018

At Rhino Security Labs, we regularly dedicate time and resources towards developing techniques to bypass and evade various security systems, including email security and antivirus systems. The ubiquity of Office makes them an ideal target for phishing and penetration testing campaigns….

Read more

Four Things Every Penetration Test Report Should Have

Common Azure Security Vulnerabilities and Misconfigurations

Amazon Key Security: CloudCam Subject to Disruption Attacks

Benjamin Caudill

In October 2017 Amazon announced a new service called Amazon Key for Amazon Prime customers.  The service offers to securely deliver Amazon Packages inside members’ homes. The delivery person will unlock and lock an external door using a…

Read more