Yet Another Archive Format Smuggling Malware
The use of novel disk image files to encapsulate malware distributed via spam has been a theme that ...
Read More
Thousands of Vulnerable VMWare vCenter Servers Still Publicly Exposed (CVE-2021-21985, CVE-2021-21986)
Background On May 25th, 2021, VMWare released patches to address VMSA-2021-0010, a critical ...
Read MorePatch Tuesday, June 2021
Summer is officially here and with it June's Patch Tuesday. This is a surprisingly light month with ...
Read MoreHuawei LTE USB Stick E3372: From File Overwrite to Code Execution
In today's world, more and more devices are connected to the Internet for on-the-go connectivity. ...
Read MoreWeb Applications and Internal Penetration Tests
Until recently, I really didn't care about web applications on an internal penetration test. ...
Read MoreCVE-2021-31166: RCE in Microsoft HTTP.sys
In the May 2021 Microsoft update, Microsoft patched an HTTP.sys vulnerability that has the ability ...
Read MoreExploitation of Sharepoint 2016: Simple Things Matter – Case Study
Sharepoint is generally used as an intranet site, to share news and other internal company ...
Read MorePatch Tuesday, May 2021
May's Patch Tuesday is upon us and probably the most surprising thing about the release is that ...
Read MorePingback: Backdoor At The End Of The ICMP Tunnel
Introduction In this post, we analyze a piece of malware that we encountered during a recent breach ...
Read MoreAll Your Databases Belong To Me! A Blind SQLi Case Study
“All your base are belong to us”, Zero game 1992
Read MorePatch Tuesday, April 2021
April's Patch Tuesday is upon us and it is showering us with patches for a total of 108 CVEs. This ...
Read MoreHTML Lego: Hidden Phishing at Free JavaScript Site
This blog investigates an interesting phishing campaign we encountered recently. In this campaign, ...
Read MoreElevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454)
Umbraco version 8.9.0 (also seen in 8.6.3) has a privilege escalation issue in the core ...
Read MoreYou Just Received 25k USD in Your BTC Account! A Practical Phishing Defense Tutorial
From time to time, we all receive some unexpected messages. Either through social media or email. ...
Read MoreFrom Creative Password Hashes to Administrator: Gone in 60 Seconds (Or Thereabouts)
Picture the scene, you’re on an application penetration test (as a normal user) and you’ve managed ...
Read MoreHAFNIUM, China Chopper and ASP.NET Runtime
The recent Microsoft Exchange Server zero-day exploits (CVE-2021-26855, CVE-2021-26857, ...
Read MoreImage File Trickery Part II: Fake Icon Delivers NanoCore
The .zipx file extension is used to denote that the ZIP archive format is compressed using advanced ...
Read MorePatch Tuesday, March 2021
The March Patch Tuesday is here and it's been an unfortunately busy month for Microsoft. Earlier ...
Read MoreThe Many Roads Leading To Agent Tesla
Agent Tesla is a common Remote Access Trojan (RAT) discovered in 2014. This threat is capable of ...
Read MorePatch Tuesday, February 2021
February is here and with it comes a relatively light Patch Tuesday. Only 56 CVEs are being patched ...
Read MoreFull System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
Updates: This blog post was updated Feb. 9 to include Proof-of-Concept (PoC) code.
Read MorePatch Tuesday, January 2021
The first Patch Tuesday of 2021 is here and the year is starting out lighter than most. Perhaps a ...
Read MoreMicrosoft Teams and Skype Logging Privacy Issue
Description: This blog post focuses on the privacy issues that Microsoft Teams & Skype desktop ...
Read MoreA Trump Sex Video? No, It's a RAT!
While reviewing our spam traps, a particular campaign piqued our interest primarily because the ...
Read MorePhishing the Holiday Season
Yes! It’s that time of the year again! The time for celebrating our traditions, a time of giving, ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
UPDATES This blog post was updated March 17 to include information on new Trustwave IDS updates.
Read MoreD-Link: Multiple Security Vulnerabilities Leading to RCE
On the 30th of October, D-Link published a support announcement and released a new firmware to ...
Read More