Threat breakdown
Malicious QR Codes
Quishing turns a harmless-looking QR code into a phishing hook. Learn how malicious QR code attacks work, real-world examples, the warning signs, and how to defend your business.
// KNOWLEDGE_BASE
Threat Briefings & Resources
Plain-English briefings, checklists and field notes on the social-engineering and endpoint threats facing businesses today — from the Pendergrass Consulting security team.
// CORE_BRIEFINGS
Start with the four big threats
Threat breakdown
Living-off-the-Land
LOTL attacks abuse trusted built-in tools like PowerShell, WMI and certutil to stay invisible. Learn how Living-off-the-Land attacks work and how to detect and defend against them.
Threat breakdown
ClickFix & Copy-Paste
ClickFix attacks trick people into pasting malicious commands using fake CAPTCHA and bogus error prompts. See how the copy-paste attack works and how to defend your team.
Threat breakdown
Malicious RMM
Attackers install legitimate remote monitoring and management (RMM) tools to quietly control victim machines. Learn how RMM abuse works, the warning signs, and how to defend.
// ARTICLE_FEED
Articles & guides
We are building a library of short, practical resources. Here is what is on the way — check back soon, or ask us to notify you when they publish.
Coming soon
Checklist
In progress
A 10-minute QR-code safety briefing for your whole team
A short, ready-to-run briefing managers can deliver in a single staff meeting to cut quishing risk fast.
Coming soon
Field note
In progress
ClickFix in the wild: spotting the fake CAPTCHA
An annotated walk-through of what a fake-CAPTCHA lure looks like and the exact moment to stop.
Coming soon
Template
In progress
Which remote-access tools are allowed on your network?
A simple approved-tools policy template you can adapt for your business in an afternoon.
Coming soon
Explainer
In progress
Beyond antivirus: why behaviour-based detection matters
Why Living-off-the-Land attacks slip past traditional tools, and what to look for instead.
▮ SECURE.EXE
Want these briefings delivered to your team?
Pendergrass Consulting turns this knowledge into hands-on security awareness training tailored to your business.