Tarlogic's Blog - Cybersecurity - Page 5

Cybersecurity articles with security analysis and ethical hacking technics information

OWASP FSTM, stage 1: Information gathering and reconnaissance
OWASP FSTM, stage 1: Information gathering and reconnaissance
- David Sandoval, Antonio Vázquez Blanco, Jesús Gómez y Fran Álvarez Wic

This article presents the first stage of the OWASP FSTM methodology for firmware analysis of IoT devices.[...]

Read more
If you trade in the Ethereum blockchain, you will lose your money. Here is why
If you trade in the Ethereum blockchain, you will lose your money. Here is why
- Jaime Fábregas

You think you have developed a sense of how to invest in the cryptocurrency market? Maybe you can look at a price graph, add a couple of indicators, and tell whether the price will[...]

Read more
Tracking Ethereum blockchain crypto attackers: Measuring sandwich attacks
Tracking Ethereum blockchain crypto attackers: Measuring sandwich attacks
- Jaime Fábregas

There are malicious actors perpetrating attacks in the Ethereum blockchain. However, due to its open and public nature, it is possible to identify and track down some of those atta[...]

Read more
CVE-2022-26134. Zero Day vulnerability affecting Atlassian Confluence
CVE-2022-26134. Zero Day vulnerability affecting Atlassian Confluence
- Oscar Mallo

A remote code execution vulnerability affecting Atlassian Confluence products has recently been identified and assigned CVE-2022-26134. This vulnerability is exploitable without re[...]

Read more
PLCTool plugin support
PLCTool plugin support
- Jesús María Gómez Moreno, Antonio Vázquez Blanco

The newly implemented plugin support of PLCTool allows for the addition of new functionalities without the need of modifying the base code This article presents PLCTool’s plugin [...]

Read more
Introduction to fuzzing: How to automatically discover bugs
Introduction to fuzzing: How to automatically discover bugs
- Antonio Vázquez Blanco

Fuzzing techniques are used to detect security breaches and other bugs by generating inputs not contemplated by the programmer ¿What’s Fuzzing? – Security testing Fuzz[...]

Read more
IoT and embedded devices security analysis following OWASP
IoT and embedded devices security analysis following OWASP
- Fran Álvarez Wic, Jesús María Gómez Moreno, Antonio Vázquez Blanco

  OWASP-FSTM methodology offers a standardized guide, step by step, of how to perform a security analysis on IoT and embedded devices. This guide is elaborated so that all pos[...]

Read more
Spring4Shell Vulnerability – CVE-2022-22965 and CVE-2022-22963
Spring4Shell Vulnerability – CVE-2022-22965 and CVE-2022-22963
- Nico Matovelle, Óscar Mallo, José Rabal

The Spring4Shell vulnerability affects a popular Java framework. Tarlogic analyzes the content and impact of this security breach.[...]

Read more
Dirty Pipe Vulnerability CVE-2022-0847
Dirty Pipe Vulnerability CVE-2022-0847
- Nico Matovelle, Óscar Mallo

This article describes the Dirty Pipe vulnerability (CVE-2022-0847), which initially affects the Linux kernel.[...]

Read more
PLCTool, the Swiss army knife of smart meters
PLCTool, the Swiss army knife of smart meters
- Fran AW, David Sandoval, Jesús Moreno, Antonio Vázquez

The following article is an introduction and description of the PLCTool project, along with a user’s guide to start investigating PRIME/DLMS networks and smart meters. As sup[...]

Read more
1 2 3 4 5 6 7 8 12
Advanced penetration testing services