TARLOGIC's BLOG
Cybersecurity - Page 5

Cybersecurity articles with security analysis and ethical hacking technics information

CVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler
CVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler
S.T.A².R.S Team

On July 18, 2023, Citrix released information and updates to address a critical vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway.  This vulnerability allows un[...]

Read more
CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
S.T.A².R.S Team

On June 19, 2023, Fortiguard published the information and updates to fix a critical vulnerability (CVE-2023-33299) in its FortiNAC software, which can allow an unauthorized access[...]

Read more
The ins and outs of BlueTrust, a Bluetooth vulnerability
The ins and outs of BlueTrust, a Bluetooth vulnerability
Antonio Vázquez and Jesús María Gómez

BlueTrust is a Bluetooth vulnerability that allows information about devices and users to be obtained and trust relationships to be traced BlueTrust is a mechanism for discovering [...]

Read more
CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
S.T.A².R.S Team

Details have been disclosed about a critical vulnerability (CVE-2023-27997) affecting Fortinet Fortigate devices with exposed SSL VPN services. This vulnerability, which does not r[...]

Read more
CVE-2023-34362: SQL Injection in Progress Software’s MOVEit Transfer
CVE-2023-34362: SQL Injection in Progress Software’s MOVEit Transfer
S.T.A².R.S Team

On May 31, 2023, Progress informed about a critical vulnerability (CVE-2023-34362) in its MOVEit Transfer software, which could potentially lead to privilege escalation and unautho[...]

Read more
CVE-2023-32353: Local privilege escalation via iTunes in Windows
CVE-2023-32353: Local privilege escalation via iTunes in Windows
S.T.A².R.S Team

Information has been disclosed about a new high criticality vulnerability that affects the Apple iTunes software in Windows environments. This vulnerability would allow an attacker[...]

Read more
Some notes and reflections on the Terminator threat
Some notes and reflections on the Terminator threat
José Antonio Lancharro

Throughout the week, a tool called «Terminator» has been discussed in the media, which would allow attackers to disable antivirus, EDR, and XDR platforms. Terminator utilizes a w[...]

Read more
CVE-2023-2825: Critical vulnerability affects Gitlab
CVE-2023-2825: Critical vulnerability affects Gitlab
S.T.A².R.S Team

Information about a new critical vulnerability affecting Gitlab software has been disclosed. This vulnerability would allow a remote attacker to exploit a path traversal problem to[...]

Read more
CVE-2023-32233: Privilege escalation in Linux Kernel due to a Netfilter nf_tables vulnerability
CVE-2023-32233: Privilege escalation in Linux Kernel due to a Netfilter nf_tables vulnerability
S.T.A².R.S Team

Recently, a user-after-free vulnerability (CVE-2023-32233) has been published that would allow unprivileged local users to obtain root permissions on Linux Kernel versions 6.3.1 an[...]

Read more
CVE-2023-27363: Proof of concept for remote code execution in Foxit Reader
CVE-2023-27363: Proof of concept for remote code execution in Foxit Reader
S.T.A².R.S Team

Following the initial announcement of a critical vulnerability (CVE-2023-27363) which allows remote code execution in Foxit Reader, a functional proof-of-concept has recently been [...]

Read more
1 2 3 4 5 6 7 8 14
Advanced penetration testing services