About This Series

Last time, we covered a scenario in which a threat actor found leaked RSA private keys used by a TLS wildcard certificate for “Poor Corp.” By chaining the leaked private key with DNS misconfigurations, the attacker was able to impersonate a Poor Corp subdomain and use it to create highly effective phishing emails.

In this series, we will dissect not just what an attacker can do to get access to credentials, but also what they would do after getting that initial access. We will walk through a different threat scenario in each part of the series and tell stories of malicious hackers that are either true, based on a true incident, or reasonably theoretical.

Generated by Feedzy