TARLOGIC's BLOG
Cybersecurity

Cybersecurity articles with security analysis and ethical hacking technics information

CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
CVE-2024-6387: RegreSSHion, a high vulnerability that affects OpenSSH
S.T.A².R.S Team

Information has been disclosed about a new high vulnerability (CVE-2024-6387) that affects OpenSSH over Linux Servers. RegreSSHion allows an unauthenticated attacker to obtain remo[...]

Read more
Bluetooth Architecture from Scratch
Bluetooth Architecture from Scratch
Jesús Gómez Moreno

The Bluetooth architecture determines which functions should be operational in an implementation and how they should be organised Bluetooth is composed of multiple technologies, pr[...]

Read more
The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
The Way of the Hunter: Defining an ad hoc EDR evaluation methodology
Julio Jairo Estévez

Nowadays Threat Hunting is a very popular term in the infosec community. However, there is not a widely shared definition of that role. Discrepancies persist as everyone considers [...]

Read more
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Continuous Threat Hunting vs. Campaign-based Threat Hunting
Alberto Terceiro

Continuous Threat Hunting allows early detection of threats and is more complete than Campaign-based Threat Hunting The classic Threat Detection model has traditionally been consid[...]

Read more
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
CVE-2024-30078: Remote code execution on Windows Wi-Fi driver
S.T.A².R.S Team

CVE-2024-30078 is a Windows Wi-Fi driver vulnerability with low exploit complexity that allows remote code execution Last June 11, Microsoft made public in its «Patch Tuesdays» a[...]

Read more
CVE-2024-4577: Critical vulnerability in PHP
CVE-2024-4577: Critical vulnerability in PHP
S.T.A².R.S Team

CVE-2024-4577 can be exploited in all versions of PHP for Windows and lead to the execution of malicious code A critical vulnerability in PHP has recently been published that could[...]

Read more
CVE-2024-32002: Critical vulnerability in Git
CVE-2024-32002: Critical vulnerability in Git
S.T.A².R.S Team

Critical vulnerability CVE-2024-32002 affecting Git update control software can lead to remote code execution A critical vulnerability in Git has recently been published that coul[...]

Read more
CVE-2024-3400: Unauthenticated code injection in PAN-OS
CVE-2024-3400: Unauthenticated code injection in PAN-OS
S.T.A².R.S Team

CVE-2024-3400 affects Palo Alto Networks PAN-OS software used to manage the first layer of defense for many enterprises A critical command injection vulnerability has been recently[...]

Read more
CVE-2024-3094: Backdoor in XZ Utils library
CVE-2024-3094: Backdoor in XZ Utils library
S.T.A².R.S Team

CVE-2024-3094 present in the XZ Utils library may allow an attacker to use malicious code to compromise the integrity of affected systems On March 29, a developer identified CVE-20[...]

Read more
What can be the consequences of a security breach in a web application?
What can be the consequences of a security breach in a web application?
Ciber 4 All Team

Web applications are a double-edged sword: they are the perfect showcase for potential customers, but they also act as a large window to sneak in and plunder the business. A securi[...]

Read more
1 2 3 4 12
Advanced penetration testing services