Cybersecurity blog

Cybersecurity articles with security analysis and ethical hacking technics information

Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024
Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

Vendor: Ubiquoss Product: Ubiquoss Switch VP5208A Discovered by: Juan Manuel Fernandez – Tarlogic (@TheXC3LL) Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024 Cre[...]

Read more
Abusing SeLoadDriverPrivilege for privilege escalation
Abusing SeLoadDriverPrivilege for privilege escalation

0x01 – Preamble In Windows operating systems, it is well known that assigning certain privileges to user accounts without administration permissions can result in local privilege[...]

Read more
Interactive Shell via Bluetooth
Interactive Shell via Bluetooth

[...]

Read more
Pentests in restricted VDI environments
Pentests in restricted VDI environments

A common scenario during an assessment or a pentesting is starting it from a VDI environment, focused towards “what could an insider or an attacker who has stolen a worker[...]

Read more
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792
Saifor CVMS Hub 1.3.1 Vulnerability – CVE-2018-6792

Tarlogic Advisory: Tarlogic-2018-001 Title: SQL Injection in Saifor CVMS Hub 1.3.1 Discovered by: José Manuel Aparicio – Tarlogic (@jm_aparicio) Saifor Vulnerability –[...]

Read more
Exploiting Word: CVE-2017-11826
Exploiting Word: CVE-2017-11826

Coincidentially with the beggining of an APT simulation engagement in the Red Team, a patch was issued my Microsoft fixing some vulnerabilities (CVE-2017-11826) affecting MS Office[...]

Read more
Fuzzing Tales 0x01: Yadifa DNS
Fuzzing Tales 0x01: Yadifa DNS

[...]

Read more
Vulnerabilities in Televes COAXDATA GATEWAY – CVE-2017-6532
Vulnerabilities in Televes COAXDATA GATEWAY – CVE-2017-6532

=============================== – Advisory – =============================== Title: Televes COAXDATA GATEWAY 1Gbps – Priv Escalation Risk: High Date: 19.Jul.2017 [...]

Read more
Protections against network privilege escalation
Protections against network privilege escalation

The application of perimeter security controls in each layer of any infrastructure as well as hardening measures in systems enable limiting an intruder lateral movement in the netw[...]

Read more
Kerberos tickets: Comprehension and exploitation
Kerberos tickets: Comprehension and exploitation

The main aim of this post is explaining the most common attacks that can be carried out in a security audit or pentest of Kerberos protocol used in Microsoft active directory domai[...]

Read more
1 2 3 4 5 6 7