Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze.

Check Point, for those unaware, is the…

In this blog, we welcome the return of the LM hash - which is still in use in specific scenarios even if it is explicitly disabled! - and demonstrate how to survive the reset of the krbtgt service account. Our goal is to learn whether it is possible to achieve…

S3 is weirder than you think. Make sure you know all the quirks before they turn into vulnerabilities in your AWS infrastructure.

Powered by Hudson Rock's continuously augmented cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.

Two Moldovan brothers’ companies, Stark Industries Solutions and PQ Hosting, provide technology for Russian propaganda and hacking attacks, a CORRECTIV investigation shows.

Article describing various exploits in the IEEE802.11 WiFi protocol.

Contribute to carlos-al/user-kernel-syscall-hook development by creating an account on GitHub.

Head’s up: This is a blog post about applied cryptography, with a focus on web and cloud applications that encrypt data at rest in a database or filesystem. While the lessons can be broadly a…

Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive…

Silverfort can help Okta customers protect themselves in the wake of the recent breach that resulted in theft of the company’s source code.

Here's what can be done to address it.

Discovering a zero-day authentication bypass and chaining a .NET deserialization to achieve pre-auth RCE on Progress Report Server

If you’ve never heard of NIST SP 800-108 before, or NIST Special Publications in general, here’s a quick primer: Special Publications are a type of publication issued by NIST. Specifica…

A guide on how to maintain a more secure containerized software.

Master phishing: Add SPF, DMARC, DKIM, and MX records to Evilginx to boost your sender's reputation and ensure email deliverability.

Revisiting CVE-2023-48788, a SQL injection in Fortinet FortiClient EMS Server. This blog details bypassing several restrictions to achieve arbitrary command execution as SYSTEM.

At OffensiveCon 2024, the Android Red Team gave a presentation (slides) on finding and exploiting CVE-2023-20938, a use-after-free vulnerability in the Android Binder device driver. This post will provide technical details about this vulnerability and how…