Part 1 - Attacking CloudGoat’s vulnerable Lambda scenario Part 2 (you are here) - Responding to the attack In part one of this series, we walked through the steps necessary to exploit a ...

What is CloudGoat? CloudGoat is a purposely vulnerable AWS lab open sourced by Rhino Security Labs to provide an easily deployable and approachable way for users to practice their offensive c...

TL;DR Quite frankly, this training is for anyone but those looking to skim material with a brief TL;DR section. Rather, it caters best to security professionals looking to roll up their sleeves and...

Update #1 (1/29/2018): Hours after the release of this post, Matt Nelson unleashed a new technique to bypass the latest mitigation options made available by Microsoft. As a result, attackers can...

Each year, the cybersecurity students of New York University (NYU) host the Cyber Security Awareness Week (CSAW) capture-the-flag (CTF) competition, the largest student-run cybersecurity event in t...

As stated in my “about me” page, there have been more than a few conversations that involved someone asking me how I successfully “broke” into the information security field and, more importantly, ...