Kevin Mandia, Founder of Mandiant, to Deliver Featured Keynote at SO-CON 2026. Learn More
< Back to Blog
Default Author Image

Andrew Gomez

See the latest by Andrew Gomez

Image for post titled Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile

Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile

TL;DR: Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services....

By: Andrew Gomez, Allen DeMoura
Jan 30, 2026 • 10 min read
Read Post
Image for post titled Azure Seamless SSO: When Cookie Theft Doesn’t Cut It

Azure Seamless SSO: When Cookie Theft Doesn’t Cut It

TL;DR The cookie crumbled when it expired, but the attack path didn’t. Learn how BloodHound graph...

By: Andrew Gomez
Dec 11, 2025 • 17 min read
Read Post
Image for post titled Dough No! Revisiting Cookie Theft

Dough No! Revisiting Cookie Theft

TL;DR Chromium based browsers have shifted from using the user’s Data Protection API (DPAPI) master key...

By: Andrew Gomez
Aug 27, 2025 • 15 min read
Read Post