Cybersecurity blog

Cybersecurity articles with security analysis and ethical hacking technics information

Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024
Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

Vendor: Ubiquoss Product: Ubiquoss Switch VP5208A Discovered by: Juan Manuel Fernandez – Tarlogic (@TheXC3LL) Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024 Cre[...]

Read more
Abusing SeLoadDriverPrivilege for privilege escalation
Abusing SeLoadDriverPrivilege for privilege escalation
- Oscar Mallo

0x01 – Preamble In Windows operating systems, it is well known that assigning certain privileges to user accounts without administration permissions can result in local privilege[...]

Read more
Interactive Shell via Bluetooth
Interactive Shell via Bluetooth
- Juan Manuel Fernandez

[...]

Read more
Pentests in restricted VDI environments
Pentests in restricted VDI environments
- Viatcheslav Zhilin

A common scenario during an assessment or a pentesting is starting it from a VDI environment, focused towards “what could an insider or an attacker who has stolen a worker[...]

Read more
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792

Tarlogic Advisory: Tarlogic-2018-001 Title: SQL Injection in Saifor CVMS Hub 1.3.1 Discovered by: José Manuel Aparicio – Tarlogic (@jm_aparicio) Saifor Vulnerability –[...]

Read more
Exploiting Word: CVE-2017-11826
Exploiting Word: CVE-2017-11826
- Javier Gil

Coincidentially with the beggining of an APT simulation engagement in the Red Team, a patch was issued my Microsoft fixing some vulnerabilities (CVE-2017-11826) affecting MS Office[...]

Read more
Fuzzing Tales 0x01: Yadifa DNS
Fuzzing Tales 0x01: Yadifa DNS
- Javier Gil

[...]

Read more
Vulnerabilities in Televes COAXDATA GATEWAY – CVE-2017-6532
Vulnerabilities in Televes COAXDATA GATEWAY – CVE-2017-6532

=============================== – Advisory – =============================== Title: Televes COAXDATA GATEWAY 1Gbps – Priv Escalation Risk: High Date: 19.Jul.2017 [...]

Read more
Protections against network privilege escalation
Protections against network privilege escalation
- Ciber 4 All Team

The application of perimeter security controls in each layer of any infrastructure as well as hardening measures in systems enable limiting an intruder lateral movement in the netw[...]

Read more
Kerberos tickets: Comprehension and exploitation
Kerberos tickets: Comprehension and exploitation
- Eloy Pérez

The main aim of this post is explaining the most common attacks that can be carried out in a security audit or pentest of Kerberos protocol used in Microsoft active directory domai[...]

Read more
1 2 3 4 5 6 7
Know all about cybersecurity and ethical hacking