A guide on how to maintain a more secure containerized software.

Master phishing: Add SPF, DMARC, DKIM, and MX records to Evilginx to boost your sender's reputation and ensure email deliverability.

Revisiting CVE-2023-48788, a SQL injection in Fortinet FortiClient EMS Server. This blog details bypassing several restrictions to achieve arbitrary command execution as SYSTEM.

At OffensiveCon 2024, the Android Red Team gave a presentation (slides) on finding and exploiting CVE-2023-20938, a use-after-free vulnerability in the Android Binder device driver. This post will provide technical details about this vulnerability and how…

When the foundations break, the building crumbles. Applications are no different. When building an application, you need to choose the best building blocs. They need to be durable and...

I just installed Malwarebytes 4.6.13 Trial version and in Trusted Advisor General Settings it says Firewall Protection is ON. I already had Norton 360 running it's Firewall, you can't have two Firewalls at same time correct? I don't see anywhere in Malwarebytes…

Here we go again, hello everyone! Sorry I am on a roll this period, can’t really sle(a)p well when I have something still to solve and I had some leftovers from the previous SWAPPALA adventure.
What we going to talk about today?
Well, lots of failures but…

Introduction

Introduction CVE-2024-27348 is a Remote Code Execution (RCE) vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and...

Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX

Learn how to access and recover replicated secrets in order to achieve eternal persistence in an Active Directory environment. Understand the steps involved in decoding replication traffic and understanding RPC calls.

Orange Tsai tweeted a few hours ago about “One of [his] PHP vulnerabilities, which affects XAMPP by default”, and we were curious to say the least. XAMPP is a very popular way for administrators and developers to rapidly deploy Apache, PHP, and a bunch of…

Thinking in states to handle information security complexities

A guide for detection engineers to establish their workflows & methodologies

Security reports: efficient and straightforward. The simplest way to detect and fix vulnerabilities

Denoscription of the CAA accounturi binding to mitigate or prevent domain verification bypasses and monitoring approaches like certificate transparency log analysis.

It is easy!

Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…

An interesting authentication bypass exploit in Veeam Backup Enterprise Manager