Fingerprinting FreeBSD OS Versions using OpenSSH

In the past, we’ve described how to fingerprint Ubuntu OS Version using OpenSSH. This time, I’ll ...

A Call for Cooler Heads

One of the unfortunate parts of a business like ours is when disputes arise from penetration ...

Double Loaded Zip File Delivers Nanocore

Most malware sent via emails is packaged in archives such as ZIP, RAR, and 7z (7-Zip). ...

Windows Debugging & Exploiting Part 1 - Environment Setup

Introduction: In this blog series, I will try to set some base knowledge for Windows system ...

Messing with Azorult Part 2: Command and Control

As we mentioned in our earlier blog, Azorult is very popular in the underground hacking forum. ...

Messing with Azorult Part 1: Malware Breakdown

In this blog series, we dive into an information stealing Trojan called Azorult that we analyzed ...

Patch Tuesday, October 2019

Microsoft’s security update for the month of October is one of the lightest patch Tuesdays of the ...

Chaining Low/Info Level Vulnerabilities for Pwnage

Chained Critical: Everyone gets critical. It’s part of our vernacular: critically injured, critical ...

Documents with IRM Password Protection Lead to Remcos RAT

Documents attached to emails are commonly used as the initial vector to deliver malware into a ...

Digital Canaries in a Coal Mine: Detecting Enumeration with DNS and AD

Introduction: A fundamental part of any network is the Domain Name Service (DNS). Adversaries will ...

Tracking the Chameleon Spam Campaign

In this blog, we draw attention to a persistent high-volume spam campaign that has been very ...

Microsoft Internet Explorer Remote Code Execution 0-Day (CVE-2019-1367)

Microsoft released an out-of-band patch for a 0-day vulnerability in Internet Explorer yesterday. ...

Getting Started With Azure DevOps

Recently, I set out to find a simple solution to manage the building of all my offensive C# tools ...

Patch Tuesday, September 2019

For September 2019, Microsoft is releasing 78 CVEs. Of these CVEs, 17 are rated "Critical", 60 ...

Multiple Vulnerabilities in Comba and D-Link Routers

Overview: There are five new credential leaking vulnerabilities discovered and disclosed by Simon ...

Lord EK: A New Exploit Kit with an Ambitious Name

After a bit of a lull in the world of exploit kits, a new exploit kit by the name of “Lord EK” has ...

Digging Deep into Magecart Malware Part II

Magecart is the name given to notorious groups of hackers that target online shopping carts, ...

Patch Tuesday, August 2019

The August Patch Tuesday is here ringing in patches for a massive 97 CVEs. Across those CVEs 31 are ...

Trustwave Wins the Threat Indicator Top Contributor Award from Microsoft

Over the years, cyber-attacks have become widespread and increasingly sophisticated. This has ...

AttackSurfaceMapper - Automate and Simplify the OSINT Process

[+] Introduction:

SanDisk SSD Dashboard Vulnerabilities: CVE-2019-13466 & CVE-2019-13467

While recently upgrading my laptop with a new Solid State Drive (SSD), I installed a management ...

Hiding PHP Code in Image Files Revisited

Over five years ago, we published a blog detailing how a webshell’s backdoor code was hidden in an ...

Breaking Smart [Bank] Statements

Context: In Mexico, it’s possible to receive your monthly bank statement via email.

HQL Injection Exploitation in MySQL

Are you familiar with an HQL injection exploitation? Chances are you’re not. While you may assume ...

Hardcoded Credentials in Uniguest Kiosk Software Lead to API Compromise

If you've traveled at all within North America, you've likely at some point noticed or even used ...

“Sexfavor” Email Scam Delivers Danabot

Sextortion has been a widely used theme in spam campaigns since Q1 of 2018. From simple crafted ...

Patch Tuesday, July 2019

Patch Tuesday for July is here and after the massive release in June, the 77 patches issued this ...

Executing Code Using Microsoft Teams Updater

Red Teamers like to hunt for new methods of code execution through “legitimate” channels, and I’m ...
