Cybersecurity blog

Cybersecurity articles with security analysis and ethical hacking technics information

Introduction to fuzzing: How to automatically discover bugs
Introduction to fuzzing: How to automatically discover bugs

Fuzzing techniques are used to detect security breaches and other bugs by generating inputs not contemplated by the programmer Fuzzing history Software development has evolved at g[...]

Read more
IoT and embedded devices security analysis following OWASP
IoT and embedded devices security analysis following OWASP

  OWASP-FSTM methodology offers a standardized guide, step by step, of how to perform a security analysis on IoT and embedded devices. This guide is elaborated so that all pos[...]

Read more
Spring4Shell Vulnerability – CVE-2022-22965 and CVE-2022-22963
Spring4Shell Vulnerability – CVE-2022-22965 and CVE-2022-22963

The Spring4Shell vulnerability affects a popular Java framework. Tarlogic analyzes the content and impact of this security breach.[...]

Read more
Dirty Pipe Vulnerability CVE-2022-0847
Dirty Pipe Vulnerability CVE-2022-0847

This article describes the Dirty Pipe vulnerability (CVE-2022-0847), which initially affects the Linux kernel.[...]

Read more
PLCTool, the Swiss army knife of smart meters
PLCTool, the Swiss army knife of smart meters

The following article is an introduction and description of the PLCTool project, along with a user’s guide to start investigating PRIME/DLMS networks and smart meters. As sup[...]

Read more
Risks of hardware design
Risks of hardware design

This article presents a current problem, the risks of hardware design by using obsolete components or components about to end their life cycle[...]

Read more
Memory Reader: obtaining access keys from IoT devices
Memory Reader: obtaining access keys from IoT devices

The security of IoT devices and memory readers often presents security gaps. Tarlogic’s Innovation team highlights some of them IoT devices are becoming more and more widespr[...]

Read more
Log4shell full picture: All the vulnerabilities affecting Log4j
Log4shell full picture: All the vulnerabilities affecting Log4j

Vulnerabilities affecting the Log4j component have triggered a worldwide earthquake. Tarlogic presents a series of recommendations to prevent and contain the threats regarding Log4[...]

Read more
We tracked 800 million transactions in the Ethereum Blockchain. Here is how we did it.
We tracked 800 million transactions in the Ethereum Blockchain. Here is how we did it.

Something really big is going on the Ethereum Blockchain. Fraud, speculation, financial products, tax evasion, million-dollar robberies, art, games, a new monetary system… Yo[...]

Read more
Tracking JNDI attacks: Hunting Log4Shell in your network
Tracking JNDI attacks: Hunting Log4Shell in your network

BlackArrow's Threat Hunting team uses a Minecraft server to illustrate the impact of Log4Shell from both an attacker's and defender's point of view[...]

Read more
1 2 3 4 7