THREAT INTEL & RESEARCH
Practical insights from our offensive security team — covering attack techniques, defensive guidance, threat landscape analysis, and real-world case studies.
Endpoint detection has never been more sophisticated — yet real-world red team engagements continue to achieve objectives without dropping a single piece of custom malware. We break down the LOLBins and techniques that still work in 2026, and what defenders can do about it.
The msDS-KeyCredentialLink attribute continues to be overlooked by blue teams while remaining a powerful lateral movement primitive. Here's what it is, how we exploit it, and how to detect it.
How a misconfigured Lambda function with iam:PassRole can hand an attacker the keys to your entire AWS account — and how to prevent it before your next cloud assessment.