Citrix ADC/Netscaler - CVE-2019-19781

The Citrix vulnerability (CVE-2019-19781) was first identified in December of 2019. This ...

Read More

Patch Tuesday, January 2020

Happy 2020! Microsoft is helping you celebrate the new decade with patches for 49 CVEs. Of those ...

Read More

ModSecurity v3.0.4 Released!

It is a pleasure to announce the release of ModSecurity version 3.0.4 (libModSecurity). This ...

Read More

Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging

Introduction Hi, my fellow friends! How are you? Hopefully, you had a terrific holiday and much ...

Read More

Using the InterPlanetary File System For Offensive Operations

Introduction In this blog post, I intend to provide some insight into using the InterPlanetary File ...

Read More

Leveraging Disk Imaging Tools to Deliver RATs

This year we observed a notable uptick in disc imaging software (like .ISO) being used as a ...

Read More

Undressing the REvil

Contributors: Lloyd Macrohon and Rodel Mendrez

Read More

Anyone Can Check for Magecart with Just the Browser

In the past, there have been plenty of articles and blog posts recommending the use of Content ...

Read More

Typosquatting in Python Repositories

Python's popularity is amazing and constantly growing. For the first time, Python has overtaken ...

Read More

Patch Tuesday, December 2019

December's Patch Tuesday is upon us, and, as in years gone by, it's a rather light month. All told ...

Read More

SCshell: Fileless Lateral Movement Using Service Manager

During red team engagements, lateral movement in a network is crucial. In addition, as a critical ...

Read More

CVE-2019-1429: (Another) Microsoft Internet Explorer 0-Day

November’s Patch Tuesday from Microsoft included a patch for yet another Internet Explorer 0-day, ...

Read More

Introducing Password Cracking Manager: CrackQ

Today we are releasing CrackQ, a queuing system to manage password cracking that I've been working ...

Read More

Time Windows for Penetration Testing

Often when penetration tests are scheduled, it will be requested that testing occurs during ...

Read More

CVE-2019-15652: SatLink VSAT Vulnerabilities

Back in May of this year, I discovered a few vulnerabilities in the SatLink 2000 VSAT modem, which ...

Read More

Fake Windows Update Spam Leads to Cyborg Ransomware and Its Builder

Recently, fake Microsoft Windows Update emails were spammed with the following subject lines: ...

Read More

Windows Debugging & Exploiting Part 2 - WinDBG 101

Introduction Hello again! After our previous post about the environment setup, now it is time to ...

Read More

Fingerprinting FreeBSD OS Versions using OpenSSH

In the past, we’ve described how to fingerprint Ubuntu OS Version using OpenSSH. This time, I’ll ...

Read More

A Call for Cooler Heads

One of the unfortunate parts of a business like ours is when disputes arise from penetration ...

Read More

Double Loaded Zip File Delivers Nanocore

Most malware sent via emails is packaged in archives such as ZIP, RAR, and 7z (7-Zip). ...

Read More

Windows Debugging & Exploiting Part 1 - Environment Setup

Introduction In this blog series, I will try to set some base knowledge for Windows system ...

Read More

Messing with Azorult Part 2: Command and Control

As we mentioned in our earlier blog, Azorult is very popular in the underground hacking forum. ...

Read More

Messing with Azorult Part 1: Malware Breakdown

In this blog series, we dive into an information stealing Trojan called Azorult that we analyzed ...

Read More

Patch Tuesday, October 2019

Microsoft’s security update for the month of October is one of the lightest patch Tuesdays of the ...

Read More

Chaining Low/Info Level Vulnerabilities for Pwnage

Chained Critical Everyone gets critical. It’s part of our vernacular: critically injured, critical ...

Read More

Documents with IRM Password Protection Lead to Remcos RAT

Documents attached to emails are commonly used as the initial vector to deliver malware into a ...

Read More

Digital Canaries in a Coal Mine: Detecting Enumeration with DNS and AD

Introduction A fundamental part of any network is the Domain Name Service (DNS). Adversaries will ...

Read More

Tracking the Chameleon Spam Campaign

In this blog, we draw attention to a persistent high-volume spam campaign that has been very ...

Read More