TARLOGIC's BLOG
Cybersecurity

Cybersecurity articles with security analysis and ethical hacking technics information

Pentesting Liferay Applications
Pentesting Liferay Applications
Víctor Fresco

This Pentesting Liferay Applications guide includes techniques that can be used to identify vulnerabilities and flaws in Liferay environments Liferay is a platform developed in the[...]

Read more
CVE-2024-49138: Risk in CLFS Log Handling on Windows
CVE-2024-49138: Risk in CLFS Log Handling on Windows
S.T.A².R.S Team

A high-severity vulnerability has been discovered affecting the Common Log File System (CLFS) functionality in Windows systems. This vulnerability, identified as CVE-2024-49138, al[...]

Read more
CVE-2024-53677: Critical vulnerability affecting Apache Struts
CVE-2024-53677: Critical vulnerability affecting Apache Struts
S.T.A².R.S Team

Information has been disclosed about a new critical vulnerability affecting the popular Apache Struts framework. The CVE-2024-53677 vulnerability could allow a remote attacker to e[...]

Read more
CVE-2024-52316: Critical vulnerability in Apache Tomcat
CVE-2024-52316: Critical vulnerability in Apache Tomcat
S.T.A².R.S Team

Critical vulnerability CVE-2024-52316 affecting Apache Tomcat allows authentication bypass when using the Jakarta authentication API A critical vulnerability has been identified in[...]

Read more
CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
S.T.A².R.S Team

Information has been disclosed about a new high vulnerability (CVE-2024-6387) that affects OpenSSH over Linux Servers. RegreSSHion allows an unauthenticated attacker to obtain remo[...]

Read more
Bluetooth Architecture from Scratch
Bluetooth Architecture from Scratch
Jesús Gómez Moreno

The Bluetooth architecture determines which functions should be operational in an implementation and how they should be organised Bluetooth is composed of multiple technologies, pr[...]

Read more
The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
Julio Jairo Estévez

Nowadays Threat Hunting is a very popular term in the infosec community. However, there is not a widely shared definition of that role. Discrepancies persist as everyone considers [...]

Read more
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Alberto Terceiro

Continuous Threat Hunting allows early detection of threats and is more complete than Campaign-based Threat Hunting The classic Threat Detection model has traditionally been consid[...]

Read more
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
S.T.A².R.S Team

CVE-2024-30078 is a Windows Wi-Fi driver vulnerability with low exploit complexity that allows remote code execution Last June 11, Microsoft made public in its «Patch Tuesdays» a[...]

Read more
CVE-2024-4577: Critical vulnerability in PHP
CVE-2024-4577: Critical vulnerability in PHP
S.T.A².R.S Team

CVE-2024-4577 can be exploited in all versions of PHP for Windows and lead to the execution of malicious code A critical vulnerability in PHP has recently been published that could[...]

Read more
1 2 3 4 13
Advanced penetration testing services