As a web application penetration tester, I commonly come across applications using outdated software components, sometimes just a few versions behind, other times several years out of date. This issue […]
Offensive Security
Finding Enterprise Credentials in Data Breaches: How to Detect Exposure
Threat actors thrive on stolen credentials, and enterprise emails are often their top prize. While much attention is given to zero-days and vulnerabilities, leaked credentials from third-party data breaches are […]
Cybersecurity 4.0: The Need for Continuous Learning in the Age of AI
Organizations are continuing to grapple with a cybersecurity talent shortage during a time of rapid growth of AI-driven threats. The rise in AI usage applies not only to security teams […]
Obtaining Domain Admin Privileges on a Segmented Network, From NFS to DA Using DFIR Tools
On a recent internal penetration test, I was able to obtain Domain Admin privileges in a segmented network by calling on my ancient digital forensics skill set. I got my […]
Exploiting Kaseya Unitrends Backup Appliance – Part 2
This is the second installment of the Exploiting Unitrends series and will focus on several critical unauthenticated SQL Injection vulnerabilities leading to remote code execution.
Exploiting Kaseya Unitrends Backup Appliance – Part 1
Multiple vulnerabilities were discovered in the Unitrends Backup appliance and client software. An attacker with network access to the management interface or backup ports on the client or server could be exploited to compromise the machine. Both suffer from critical remote code execution vulnerabilities.
How To Reverse Engineer the SolarWinds Hack
When it comes to security incidents involving malware, most of us rely on the information provided by the investigating firm to understand what the malware does, why it does it, […]
Multiple Vulnerabilities Discovered in Aviatrix
Versions Tested: Aviatrix Cloud Controller UserConnect-5.3.1516 Aviatrix VPN Client 2.8.2 Product: https://aviatrix.com/cloud-network-platform/ Security Advisories: https://docs.aviatrix.com/HowTos/security_bulletin_article.html Summary: CyberOne discovered multiple vulnerabilities in the Aviatrix Cloud Controller appliance v5.3.1516 and Aviatrix VPN client v2.8.2 […]
Local Privilege Escalation Vulnerability Discovered in VMware Fusion
Summary: VMware Fusion contains a local privilege escalation vulnerability that allows an attacker to inject a malicious path into the system-wide PATH environment variable. Versions Tested: VMware Fusion Professional v15.5.5 […]
Critical Vulnerabilities Discovered in MoFi Routers
Versions Tested: Product: https://mofinetwork.com/ CVE Numbers: Summary: Multiple critical vulnerabilities have been discovered in the MoFi4500 router, an OpenWRT based wireless router that provides Internet access via LTE. The initial […]