Rhino Security Labs

Strategic & Technical Blog

Technical Strategic Technical & Strategic Both
Social Engineering

Bypassing Email Security Controls (P1: URL Scanning)

Hector Monsegur

This post will be the first of a series on advanced phishing capabilities and bypassing email security mechanisms.  The focus is on URL analysis and bypassing link scanning capabilities, with Microsoft’s O365 linkscanning filters used…

Read more
Social Engineering

Risk Misconceptions in Social Engineering Testing

Social Engineering

Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Google Cloud
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Uncategorized
Social Engineering

Abusing Microsoft Word Features for Phishing: “subDoc”

Hector Monsegur

At Rhino Security Labs, we regularly dedicate time and resources towards developing techniques to bypass and evade various security systems, including email security and antivirus systems. The ubiquity of Office makes them an ideal target for phishing and penetration testing campaigns….

Read more