FortiNAC is a zero-trust access solution that oversees and protects all digital assets connected to the enterprise network, covering devices from IT, IoT, OT/ICS to IoMT. – https://www.fortinet.com/products/network-access-control

Explore Qakbot’s evolving C2 infrastructure through NetFlow analysis, revealing new servers, port trends, and insights into upstream communication layers.

Reading Time: 24 minutesCase001 Super Timeline Creation and Analysis Before Starting this lab it is strongly recommended you examine the memory, autoruns, pcap, or logs first. Come to this lab with indicators to search for. Learning Objectives of Super Timeline…

Despite some fairly negative media attention, not every Tor Hidden Service is (or needs to be) a hotbed of immorality. Some exist in order to allow those in restrictive countries to access things we m

In the last few years, we have seen multiple vulnerabilities in Parallels Desktop leading to virtual machine escapes. Interested readers can check our previous blog posts about vulnerabilities across interfaces such as RDPMC hypercalls , the Parallels ToolGate…

The @CryptoHack__ account was pinged today by ENOENT, with a CTF-like challenge found in the wild: Source tweet. Here’s a write-up covering how given a partially redacted PEM, the whole private key can be recovered.

NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

Bishop Fox provides additional analysis and exploitation of CVE-2023-3519, a critical remote code execution vulnerability in Citrix ADC. Learn more here!

As attacks become more fileless and malware gets more obfuscated, it is getting more difficult to determine whether there is a malicious intent from a file by itself. For this reason, malware detection methods that utilize sandboxes and AI, as...

Introduction I was scrolling through one of the social media dumpster fires the other day and whizzed past a post that caught my attention. The post itself was not paricularly novel - it was a process injection technique implemented as a Cobalt Strike Beacon…

Claroty unveils a unique attack technique that could allow an attacker to impersonate Western Digital (WD) network-attached storage (NAS) devices. Learn more.

a data dump of findings and notes taken while hunting for vulnerabilities on the Netgear Orbi.

a walkthrough of my experience finding a buffer overflow, discovering a null pointer deref along the way, and eventually figuring out the bug wasn’t (easily) exploitable.

The Falcon Complete MDR team discovered and blocked a zero-day exploit (CVE-2023-36874) affecting Windows Error Reporting. Learn more about the discovery and response!

rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi wifi systems that was reported and patched last year.