TL;DR Bucket upload policies are a convenient way to upload data to a bucket directly from the client. Going through the rules in upload policies and the logic related to some file-access scenarios we show how full bucket object listings were exposed with…

On July 31st , just after getting back to the office from my talk at RSA Asia 2018 about how cyber criminals use cryptocurrencies for their malicious activities, I noticed a huge surge of CoinHive in Brazil. After a quick...

This blog post documents the experiment of our Security Researcher Ziyahan Abeniz in exploiting a Microsoft Edge browser vulnerability. Proof of Exploit video included.

Development of large complex projects is impossible without the use of programming techniques and tools helping to monitor the quality of…

Unfortunately, generic IP cameras are notorious for their poor security practices. Most of the time, the manufacturer’s don’t force secure passwords, and mor...

archived 2 Aug 2018 15:08:07 UTC

InvisiblePersistence - Persisting in the Windows registry "invisibly"

2 votes and 1 comment so far on Reddit

Telewreck - A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.

This blog contains write-ups of the things that I researched, learned, and wanted to share to others.

As a vulnerability analyst at the CERT Coordination Center, I am interested not only in software vulnerabilities themselves, but also exploits and exploit mitigations. Working in this field, it doesn't take too long to realize that there will never be...

4 votes and 0 comments so far on Reddit

Hello members of the InfoSec Community!

3 votes and 1 comment so far on Reddit

This meaty post covers the CoreDNS + Gravwell integration for DNS security auditing. Walk through using DNS threat lists to identify malicious activity and create an orchestration noscript to automatically perform the first few threat hunting steps. Gravwell…

31 votes and 1 comment so far on Reddit