Wiz research shares how threat actors behind the 2023 DERO cryptojacking campaign have adapted their techniques, and how to mitigate your risk.

Enhance Windows forensics with our guide. Configure built-in logs for better incident response and breach detection using built-in tools, no extra software need

With physical access to Android device with enabled ADB debugging running Android 12 or 13 before receiving March 2024 security patch, it is possible to access internal data of any user installed app by misusing CVE-2024-0044 vulnerability. Internal data…

Summary
We (Julien Ahrens @MrTuxracer and myself @Evan_Connelly) identified nearly 30 popular apps, as well as a feature within iOS itself, vulnerable to an attack in which any installed iOS app from the Apple App Store could perform an account takeover of…

PSIM software integrates security apps, automates workflows, and unifies device control for a seamless user experience.

In today’s digital landscape, Active Directory (AD) serves as the backbone for managing network resources in most enterprise environments…

Setting up the environment + Hello World Inspecting and tampering HTTP requests and responses Inspecting and tampering WebSocket messages Creating […]

Introduction CVE-2024-25065 is a vulnerability that exists in Apache OFBiz before version 18.12.12. It is a path traversal vulnerability that allows authentication bypass through the contextPath...

While reversing a device, we stumbled across an interesting binary named unicorn . The binary appeared to be a developer utility potentially related to the Augentix SoC SDK. The unicorn binary is only executed when the device is set to developer mode. Fortunately…

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

FileSystem Monitor (fsmon) allows you to monitor file system events at runtime on Linux, OSX, iOS and Android systems. Useful for bug bounty hunters, malware analyst

Custom Hashcat Module for Apache Shiro 1 SHA-512

Discover the latest insights from the Cleafy Threat Intelligence team on new fraud campaigns involving the Medusa (TangleBot) banking trojan. Learn about Medusa's sophisticated capabilities, recent updates, and shifts in distribution strategies targeting…

elttam is a globally recognised, independent information security company, renowned for our advanced technical security assessments.