December 2020

Social engineering is a common, low-tech approach where a threat actor impersonates someone else to obtain sensitive information or persuade the deceived to comply with some other request type. It has been described as “hacker-speak” for tricking a person into disclosing authentication information, executing malicious code, or opening a door. Some classic example of social engineering is the promise of funds from the prince of Nigeria, and the process has matured into malicious documents with coercive DocuSign lures or spoofed invoice scams changing the routing information for payments.

July 2020

A common tactic seen used in Phishing campaigns today is to embed the phish within Google's Firebase Cloud Storage platform called Firebase. Follow along with this workflow to analyze some phishing lures.