Categories
Tags
Latest Advisories
2026
2 Advisories
04-01
CVE-2026-3991: Local Privilege Escalation in Symantec DLP Agent
02-17
CVE-2025-13176: Local Privilege Escalation in ESET Inspect EDR
2025
3 Advisories
11-25
CVE-2025-51682, CVE-2025-51683: Time Management Software SQLi-RCE
10-06
CVE-2025-10363: Unauthenticated RCE in Swiss Finance Software Topal
05-12
CVE-2025-47188: Mitel Phone Unauthenticated RCE
2019
1 Advisory
04-25
CVE-2019-10123: Logistics Sofware SQLi-RCE
Latest Blog Posts
Attacking EDRs Part 1: Intro & Security Analysis of EDR Drivers
This article gives an overview of the attack surface of EDR software and describes the process to search for attack surface on EDR drivers from a low-privileged user.
2025-02-10
|
2340 words
|
12 minutes
Tear Down The Castle - Part 2
To gain insight into common issues and patterns of misconfiguration, we analyzed 250 PingCastle reports collected from Incident Response cases and Compromise Assessments.
2025-01-23
|
1514 words
|
8 minutes
Tear Down The Castle - Part 1
To gain insight into common issues and patterns of misconfiguration, we analyzed 250 PingCastle reports collected from Incident Response cases and Compromise Assessments.
2025-01-19
|
1814 words
|
9 minutes
Breaking CAPTCHAs with image recognition
This article explains how image recognition services can be used to bypass (i.e. auto-solve) classical alphanumeric CAPTCHAs.
2023-09-09
|
1339 words
|
7 minutes