Cybersecurity Blog - Page 10 of 12

Linux process infection

21 - December - 2018 Gonzalo Carracedo

[...]

SaSSHimi: Evading SSH AllowTcpForwarding

16 - November - 2018 Raul Sampedro

[...]

Arecibo: an OOB exfiltration tool (DNS & HTTP)

09 - November - 2018 Juan Manuel Fernandez

[...]

Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

01 - September - 2018

Vendor: Ubiquoss Product: Ubiquoss Switch VP5208A Discovered by: Juan Manuel Fernandez – Tarlogic (@TheXC3LL) Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024 Cre[...]

Abusing SeLoadDriverPrivilege for privilege escalation

14 - June - 2018 Oscar Mallo

0x01 – Preamble In Windows operating systems, it is well known that assigning certain privileges to user accounts without administration permissions can result in local privilege[...]

Interactive Shell via Bluetooth

01 - June - 2018 Juan Manuel Fernandez

[...]

Pentests in restricted VDI environments

21 - May - 2018 Viatcheslav Zhilin

A common scenario during an assessment or a pentesting is starting it from a VDI environment, focused towards “what could an insider or an attacker who has stolen a worker[...]

Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792

01 - March - 2018

Tarlogic Advisory: Tarlogic-2018-001 Title: SQL Injection in Saifor CVMS Hub 1.3.1 Discovered by: José Manuel Aparicio – Tarlogic (@jm_aparicio) Saifor Vulnerability –[...]

Exploiting Word: CVE-2017-11826

11 - December - 2017 Javier Gil

Coincidentially with the beginning of an APT simulation engagement in the Red Teaming, a patch was issued my Microsoft fixing some vulnerabilities (CVE-2017-11826) affecting MS Off[...]

Fuzzing Tales 0x01: Yadifa DNS

19 - September - 2017 Javier Gil

[...]

Necessary

3rd Party Cookies