A phishing technique that allows attackers to create fake previews for their malicious attachment with Google Mail.
This is the start of a Twitter recap series which highlights interesting or useful posts that never made it to the blog
Abuse the way O365 Outlook renders cloud attachments to make malicious executable cloud attachments look like harmless files
UPDATED: With the announcment that MS Teams allows users outside of an organization to message users, I revisited Teams and added new techniques
Google Drive's email file functionality can be used to send phishing emails via the google.com domain
A new technique showing how an attacker can create calendar invites with spoofed attendees
Simple changes in process relationship could bypass certain security solutions
A quick and easy way to bypass link analyzers by hiding behind Google's domain.
Google Drive and OneDrive contain spoofing vulnerabilities that can aid attackers with phishing
If you run into VirtualBox on a machine during an engagement try some of these methods