TARLOGIC's BLOG
Cybersecurity - Page 2

Cybersecurity articles with security analysis and ethical hacking technics information

The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
Julio Jairo Estévez

Nowadays Threat Hunting is a very popular term in the infosec community. However, there is not a widely shared definition of that role. Discrepancies persist as everyone considers [...]

Read more
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Alberto Terceiro

Continuous Threat Hunting allows early detection of threats and is more complete than Campaign-based Threat Hunting The classic Threat Detection model has traditionally been consid[...]

Read more
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
S.T.A².R.S Team

CVE-2024-30078 is a Windows Wi-Fi driver vulnerability with low exploit complexity that allows remote code execution Last June 11, Microsoft made public in its «Patch Tuesdays» a[...]

Read more
CVE-2024-4577: Critical vulnerability in PHP
CVE-2024-4577: Critical vulnerability in PHP
S.T.A².R.S Team

CVE-2024-4577 can be exploited in all versions of PHP for Windows and lead to the execution of malicious code A critical vulnerability in PHP has recently been published that could[...]

Read more
CVE-2024-32002: Critical vulnerability in Git
CVE-2024-32002: Critical vulnerability in Git
S.T.A².R.S Team

Critical vulnerability CVE-2024-32002 affecting Git update control software can lead to remote code execution A critical vulnerability in Git has recently been published that coul[...]

Read more
CVE-2024-3400: Unauthenticated code injection in PAN-OS
CVE-2024-3400: Unauthenticated code injection in PAN-OS
S.T.A².R.S Team

CVE-2024-3400 affects Palo Alto Networks PAN-OS software used to manage the first layer of defense for many enterprises A critical command injection vulnerability has been recently[...]

Read more
CVE-2024-3094: Backdoor in XZ Utils library
CVE-2024-3094: Backdoor in XZ Utils library
S.T.A².R.S Team

CVE-2024-3094 present in the XZ Utils library may allow an attacker to use malicious code to compromise the integrity of affected systems On March 29, a developer identified CVE-20[...]

Read more
What can be the consequences of a security breach in a web application?
What can be the consequences of a security breach in a web application?
Ciber 4 All Team

Web applications are a double-edged sword: they are the perfect showcase for potential customers, but they also act as a large window to sneak in and plunder the business. A securi[...]

Read more
BlueSpy – Spying on Bluetooth conversations
BlueSpy – Spying on Bluetooth conversations
Jesús María Gómez Moreno

BlueSpy is a proof of concept for exploiting vulnerabilities in Bluetooth headsets and eavesdropping on private conversations The first results following the publication of BSAM, a[...]

Read more
CVE-2023-49785: Vulnerability in NextChat
CVE-2023-49785: Vulnerability in NextChat
S.T.A².R.S Team

CVE-2023-49785 is a critical vulnerability affecting NextChat, an application that provides users with a web interface based on ChatGPT Information has been disclosed about a new c[...]

Read more
1 2 3 4 5 13
Advanced penetration testing services