In internal penetration tests and red team engagements, an account with write privileges over an SMB share can be your best bet to go further
Security Research and Services
In internal penetration tests and red team engagements, an account with write privileges over an SMB share can be your best bet to go further
How it all started What if I told you that the machines with 99 percentage fail chance wouldn’t do it… but a human with 1
In early September 2023, APT29, a group affiliated with Russia’s SVR, targeted multiple embassy offices using a WinRAR vulnerability. Their cyberespionage aims hinted at geopolitical motives. Exploiting CVE-2023-38831, the attackers executed a phishing campaign using a deceitful PDF, demonstrating the critical role of cybersecurity awareness and regular software updates in preventing such attacks.
A story of mass-discovery of LDAP Anonymous Binding leading to the account takeover of all members of a college. Explore the methodology, the challenges and the discoveries of this research project.
October marks Cyber Security Awareness Month, a time when individuals and organizations around the globe come together to raise awareness about the importance of staying safe and secure in the digital world. In the era of smartphones and mobile applications, it’s crucial to pay special attention to the security of our mobile devices.
In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities and how to exploit them.Caution: Some payloads discussed here can