Rhino Security Labs

Strategic & Technical Blog

Bypassing Email Security Controls (P1: URL Scanning)

Hector Monsegur

This post will be the first of a series on advanced phishing capabilities and bypassing email security mechanisms.  The focus is on URL analysis and bypassing link scanning capabilities, with Microsoft’s O365 linkscanning filters used…

Risk Misconceptions in Social Engineering Testing

Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability

Abusing Microsoft Word Features for Phishing: “subDoc”

Hector Monsegur

At Rhino Security Labs, we regularly dedicate time and resources towards developing techniques to bypass and evade various security systems, including email security and antivirus systems. The ubiquity of Office makes them an ideal target for phishing and penetration testing campaigns….