In December 2022, we observed an intrusion on a public-facing MSSQL Server, which resulted in BlueSky ransomware. First discovered in June 2022, BlueSky ransomware has code links to Conti and … Read More

With a significant daily influx of vulnerabilities, the assessment and assignment of CVSS base scores demand considerable time, expertise, and human resources.

Presenting capabilities of DefectDojo in context of Vulnerability Management for DevSecOps and traditional application security engineers.

A critical argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products Session Border Controller, Branch, and BCF. This allows an unauthenticated attacker to gain root access to the appliance…

It takes a special kind of person to name a company after their own body part. Fortunately the Microsoft Security Response Center doesn’t seem to have inherited that kind of mentality, because when I have reported not a bug but a feature as a vulnerability…

Multiple vulnerabilities found in ExtremeNetworks ExtremeXOS by Rhino Security Labs.

Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK. - ax/apk.sh

The Password Manager Extension from One Identity can be used to perform two different kiosk escapes on the lock screen of a Windows client. These two escapes allow an attacker to execute commands with the highest permissions of a user with the SYSTEM role.

This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system. [STANDARDS-TRACK]

This is a gif of the exfiltration process (We've increased the speed so you're not waiting around for 1 minute). Read on to discover how this works... CSS Cafe presentation I presented this technique

BugProve discovers additional zero-day vulnerabilities in Zyxel's personal cloud storage device. Detailed writeup of the firmware analysis process.

This is the second post in a two-part series on DNS rebinding. In this post, I introduce new techniques for achieving reliable, split-second DNS rebinding in Chrome, Edge, and Safari when IPv6 is available, as well as a technique for bypassing the local network…

GitHub Gist: instantly share code, notes, and snippets.

Security experts

Determining the intent behind a package publication is notoriously difficult. Is it a legitimate threat actor or a security researcher? We can rarely make this determination, so Phylum generally errs on the side of caution and annotates packages that exhibit…

Dasharo User Group (DUG) #4 and Dasharo Developers vPub 0x9 When? 07th December 2023 5PM UTC to last hacker standing...

A modern investigation of the Windows loader architecure and loader lock

Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.