Exploit ConnectWise ScreenConnect (bypass authentication) - jhonnybonny/auth_bypass_connectwise_screenconnect

Recently, we have observed an increase in TeaBot banking trojan infections across several European countries, now even infiltrating the Google Play Store. Read the technical analysis to know all his functionalities and how to prevent it.

In previous blogs, we’ve discussed some of the big players in the enterprise software space, but there is one that we have not mentioned before, that is - quite frankly - the heavy-weight champion of the world in terms of applications for large enterprises.…

Look inside the popular hash function and learn what makes it work so well.

A Golang library for interacting with the EPSS (Exploit Prediction Scoring System). - KaanSK/go-epss

The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in th...

In 2021, Ivanti patched a vulnerability that they called “code injection”. Rumors say it was a backdoor in an open source project. Let’s find out what actually happened!

By Matt Schwager Deserializing, decoding, and processing untrusted input are telltale signs that your project would benefit from fuzzing. Yes, even Python projects. Fuzzing helps reduce bugs in hig…

This is the very first article that I am publishing on this blog, I wanted to share this experience with folks that are passionate like myself about Security at 360 degrees and also share my thought …

Posted by Good_Till_970 - 2 votes and 12 comments

Key Takeaways In February 2023, we detected an intrusion that was initiated by a user downloading and executing a file from a SEO-poisoned search result, leading to a Gootloader infection. Around n…

Our Clean Code solution, SonarCloud, led us to a severe security issue in the popular Content Management System Joomla.

An open redirect vulnerability exists in the remains of Google Web Light service, which is being actively exploited in multiple phishing campaigns. Google decided not to fix it, so it might be advisable to block access to the Web Light domain in corporate…

By Nati Tal, Oleg Zaytsev (Guardio Labs)

A technique to find the Account ID of a private S3 bucket.

In the evolving landscape of cybersecurity, adversaries are continually seeking innovative methods to bypass traditional security measures. One such method gaining traction is the use of QR codes. At first glance, QR codes appear as benign tools for quick…

Advanced CyberChef techniques using Registers, Regex and Flow Control