Tarlogic's Blog - Cybersecurity - Page 10

Cybersecurity articles with security analysis and ethical hacking technics information

Linux process infection
Linux process infection

[...]

Read more
SaSSHimi: Evading SSH AllowTcpForwarding
SaSSHimi: Evading SSH AllowTcpForwarding

[...]

Read more
Arecibo: an OOB exfiltration tool (DNS & HTTP)
Arecibo: an OOB exfiltration tool (DNS & HTTP)

[...]

Read more
Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024
Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

Vendor: Ubiquoss Product: Ubiquoss Switch VP5208A Discovered by: Juan Manuel Fernandez – Tarlogic (@TheXC3LL) Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024 Cre[...]

Read more
Abusing SeLoadDriverPrivilege for privilege escalation
Abusing SeLoadDriverPrivilege for privilege escalation

0x01 – Preamble In Windows operating systems, it is well known that assigning certain privileges to user accounts without administration permissions can result in local privilege[...]

Read more
Interactive Shell via Bluetooth
Interactive Shell via Bluetooth

[...]

Read more
Pentests in restricted VDI environments
Pentests in restricted VDI environments

A common scenario during an assessment or a pentesting is starting it from a VDI environment, focused towards “what could an insider or an attacker who has stolen a worker[...]

Read more
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792

Tarlogic Advisory: Tarlogic-2018-001 Title: SQL Injection in Saifor CVMS Hub 1.3.1 Discovered by: José Manuel Aparicio – Tarlogic (@jm_aparicio) Saifor Vulnerability –[...]

Read more
Exploiting Word: CVE-2017-11826
Exploiting Word: CVE-2017-11826

Coincidentially with the beginning of an APT simulation engagement in the Red Teaming, a patch was issued my Microsoft fixing some vulnerabilities (CVE-2017-11826) affecting MS Off[...]

Read more
Fuzzing Tales 0x01: Yadifa DNS
Fuzzing Tales 0x01: Yadifa DNS

[...]

Read more
1 7 8 9 10 11 12