By: Jason Reaves and Joshua Platt

X-Force Red experts take a deep dive into DLL sideloading and how offensive security professionals can prevent attackers from using it.

Unpack the remote code execution vulnerability impacting the Microsoft Message Queueing service — CVE-2023-21554, a.k.a. QueueJumper.

NTLM relay is a technique of standing between a client and a server to perform actions on the server while impersonating the client. Protections such as SMB signing or MIC allow to limit the actions of an attacker. This article goes into detail about this…

Between March 2023 and May 2023, we identified multiple security vulnerabilities within points.com, the backend provider for a significant portion of airline and hotel rewards programs. These vulnerabilities would have enabled an attacker to access sensitive…

It will be possible to better understand the Javascript structures in memory while executing code in browsers or in any other program that makes use of the most famous JS interpreters, such as Firefox, Google Chrome, Internet Explorer and Safari

As we saw in the previous article Assessing Security Risks of Local Storage on Non-Jailbroken iOS Devices that how we can install the…

a quick post on a format string bug in libinput I found last year but never got around to debugging, plus some exploit code to leak the stack canary on a default Xubuntu 20.04.4 system.

FortiNAC is a zero-trust access solution that oversees and protects all digital assets connected to the enterprise network, covering devices from IT, IoT, OT/ICS to IoMT. – https://www.fortinet.com/products/network-access-control

Explore Qakbot’s evolving C2 infrastructure through NetFlow analysis, revealing new servers, port trends, and insights into upstream communication layers.

Reading Time: 24 minutesCase001 Super Timeline Creation and Analysis Before Starting this lab it is strongly recommended you examine the memory, autoruns, pcap, or logs first. Come to this lab with indicators to search for. Learning Objectives of Super Timeline…

Despite some fairly negative media attention, not every Tor Hidden Service is (or needs to be) a hotbed of immorality. Some exist in order to allow those in restrictive countries to access things we m

In the last few years, we have seen multiple vulnerabilities in Parallels Desktop leading to virtual machine escapes. Interested readers can check our previous blog posts about vulnerabilities across interfaces such as RDPMC hypercalls , the Parallels ToolGate…

The @CryptoHack__ account was pinged today by ENOENT, with a CTF-like challenge found in the wild: Source tweet. Here’s a write-up covering how given a partially redacted PEM, the whole private key can be recovered.

NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

Bishop Fox provides additional analysis and exploitation of CVE-2023-3519, a critical remote code execution vulnerability in Citrix ADC. Learn more here!

As attacks become more fileless and malware gets more obfuscated, it is getting more difficult to determine whether there is a malicious intent from a file by itself. For this reason, malware detection methods that utilize sandboxes and AI, as...