Security research
Here’s where our security researchers analyze and share insights about the latest vulnerabilities, providing details on how they work, or how to exploit them.
How supply chain attacks work and 7 ways to mitigate them
Your organization is a connected network of vendors, software, and people that keep your business operational. Each of these elements has various degrees of access to sensitive information which a bad actor can use as entry points in supply chain attacks.
100+ essential penetration testing statistics [2023 edition]
If there’s anything we learned from years of working in infosec, it is this: don’t make assumptions without knowing the context, and make decisions based on reliable data. With that in mind, we’ve put together this extensive list of penetration testing statistics and relevant data that shed light on many aspects of the industry.
Phishing a company through a 7-Zip misconfiguration
Reading about phishing can sometimes feel tedious, as many articles simply rehash the same old scenarios and prevention strategies without diving into technical details or offering anything fresh. But don't worry, we've got you covered!
Everything you need to know about the new OpenSSL vulnerabilities (CVE-2022-3602 & CVE-2022-3786)
Before securing systems, we need to understand what we’re trying to secure and how to do it. Today we are exploring two new vulnerabilities that got the community's attention this month. Most importantly, you will learn how to patch them and how impactful they are.
Authenticated Magento RCE with deserialized PHAR files
Back in August 2019, I reported a security vulnerability in Magento affecting versions 2.3.2, 2.3.3, and 2.3.4 using the HackerOne bug bounty platform. The bug impacted some installations of Magento and it allowed us to gain Remote Code Execution based on the way PHAR files are deserialized and by abusing Magento’s Protocol Directives.
How to manually detect CVE-2022-21371 in Oracle WebLogic Servers
If you’re constantly thinking about better ways to discover critical vulnerabilities in systems, you are not alone. As a security researcher, I spend most of my time understanding their root cause and their potential impact on organizations, striving to help other security specialists communicate them effectively.
How to exploit Zabbix Unsafe Session Storage (CVE-2022-23131)
Due to its increasing popularity and administrative access to most companies’ infrastructure, Zabbix has become a high-profile target for threat actors. So of course a security issue like the Unsafe Session Storage vulnerability attracts motivated cybercriminals. If it’s up to you to find exploitable targets and gather proof for vulnerability validation for your ethical hacking engagements, this guide is for you!
How to manually detect and exploit Spring4Shell (CVE-2022-22965)
Just a few months after Log4Shell brutally shook our world, when things started to look calm and peaceful again, the Vulnerability Gods have unleashed upon us another similarly named vulnerability in a popular Java framework: Spring4Shell. Is CVE-2022-22965 as dangerous and as widespread as its (slightly) older sibling? Stick with us to find out!
How to detect and exploit Citrix ADC and Citrix Gateway (CVE-2020-8194)
Citrix systems are very popular, even famous, one could say. They even sponsor Formula 1 teams! But despite their notoriety, they use the FreeBSD OS on their devices and plain PHP for web services, so I got easy access to the code and analyzed it.
How to exploit a Remote Code Execution vulnerability in Laravel (CVE-2021-3129)
I discovered this vulnerability for the first time in the Horizontall machine from Hack The Box, and the conditions in which it’s triggered pushed me to understand it in more detail. CVE-2021-3129 reminds me of a log poisoning vulnerability, but with a different flavor.
How to exploit the HTTP.sys Remote Code Execution vulnerability (CVE-2022-21907)
Pattern recognition is what hundreds of security specialists in our community voted as the skill to cultivate for a rewarding infosec career. While we have some innate pattern recognition abilities, developing them is essential – and that’s a matter of practice. Working in offensive security gives you plenty of opportunities to do this, with new vulnerabilities ripe for close examination. So let’s go ahead and do just that while discovering how this CVE carries echoes from another vulnerability from a while back.