Administrador posts

Log4shell full picture: All the vulnerabilities affecting Log4j

By Administrador|23 Dec. 2021|Tarlogic's Blog - Cybersecurity|

Vulnerabilities affecting the Log4j component have triggered a worldwide earthquake. Tarlogic presents a series of recommendations to prevent and contain the threats regarding Log4Shell It's one of the biggest vulnerabilities of the last decade, perhaps the biggest. The shock within the cybersecurity community due to the appearance of Log4Shell has been global, to the extent that today we believe that there is no one in the IT sector who does not know the different vulnerabilities that affect the Log4j component. That is why the Cybersecurity team at Tarlogic Security has prepared an exhaustive analysis of the incident. In this article we detail the different vulnerabilities and provide a series of recommendations to prevent and contain possible threats from Log4Shell. What ...

Comments Off

Tracking JNDI attacks: Hunting Log4Shell in your network

By Administrador|15 Dec. 2021|Tarlogic's Blog - Cybersecurity|

BlackArrow's Threat Hunting team uses a Minecraft server to illustrate the impact of Log4Shell from both an attacker's and defender's point of view

Comments Off

Attacks to the Bluetooth Link Manager Protocol with BrakTooth

By Administrador|14 Dec. 2021|Tarlogic's Blog - Cybersecurity|

The third installment of the Bluetooth vulnerabilities focuses on denial of service and code execution attacks in BrakTooth

Comments Off

Log4Shell vulnerability CVE-2021-44228, the new cyber-apocalypse

By Administrador|12 Dec. 2021|Tarlogic's Blog - Cybersecurity|

The detection of the Log4Shell vulnerability only 4 days ago could have serious consequences due to its high level of penetration

Comments Off

Bluetooth KNOB and BLURtooth, second installment of Bluetooth cyber-attacks

By Administrador|9 Dec. 2021|Tarlogic's Blog - Cybersecurity|

The second instalment of the Bluetooth cyber-attacks focuses on two Bluetooth threats that have been gaining momentum in recent times

Comments Off

Introduction to Bluetooth attacks

By Administrador|1 Dec. 2021|Tarlogic's Blog - Cybersecurity|

Tarlogic starts a series of articles analyzing Bluetooth attacks. In this first installment, we present BIAS and BLESA, two of this threats

Comments Off

Getting up before you fall: how to manage a cyber crisis

By Administrador|27 Oct. 2021|Cyber intelligence blog|

Cyber crisis management requires constant updating of knowledge due to the characteristics of the Internet

Comments Off

The stress as adversarial factor for cyber decision-making

By Administrador|21 Sep. 2021|Cyber for all Blog|

Cyber decision-making is often conditioned by very short response times. High-level research analyzes the impact of stress in these situations

Comments Off

Hardening of Windows systems: network authentication

By Administrador|16 Jun. 2021|Tarlogic's Blog - Cybersecurity|

Having professionals trained and involved with system hardening offers the possibility of having secure implementations and avoids misconfigurations

Comments Off

Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic

By Administrador|14 May. 2021|BlackArrow blog|

Introduction During a recent Red Team operation got local admin privileges on a workstation where an EDR solution was identified. In this scenario, the next step to proceed with the engagement was to infect and persist on the compromised system, towards securing remote access. After exploring several options, a Microsoft Teams binary was identified as vulnerable to DLL Hijacking. This article explains how to take advantage of this situation, making use of a Cobalt Strike payload embedded in a DLL. Finally, it details how to mimic legitimate Microsoft Teams traffic when communicating with the C&C using Cobalt Strike malleable C2 profiles. Cobalt Strike persistence via DLL Hijacking In order to ease up the process, the Red Team prepared a local ...

Comments Off

About Administrador

Necessary

3rd Party Cookies