Rhino Security Labs

Strategic & Technical Blog

Abusing Microsoft Word Features for Phishing: “subDoc”

Hector Monsegur
January 2, 2018

At Rhino Security Labs, we regularly dedicate time and resources towards developing techniques to bypass and evade various security systems, including email security and antivirus systems. The ubiquity of Office makes them an ideal target for phishing and penetration testing campaigns….

Read more

Amazon Key Security: CloudCam Subject to Disruption Attacks

Epson Vulnerability: EasyMP Projector Takeover (CVE-2017-12860 / CVE-2017-12861)

Introducing CFire: Evading CloudFlare Security Protections

Benjamin Caudill

CloudFlare is a cloud security provider, offering WAF and DDoS services as part of its DNS service. When properly configured, the protections between a user and a CloudFlare-secured site can be an effective way of shielding the true IP addr…

Read more