Sudo vulnerability ALARM

A critical vulnerability affecting much of the Linux ecosystem was patched in Sudo on January 26. Sudo is an application that allows administrators to delegate limited root access to other users, by default the superuser. The vulnerability has the identifier CVE-2021-3156 and is also known as Baron Samedit. The vulnerability was identified by Qualys about two weeks ago, but it …

Uncommon but enlightening vulnerabilities with Microsoft and more

Not as many critical vulnerabilities as last week. This time it's mostly cool and non-standard vulnerabilities that are important to know about. For example, the KindleDrip attack shows a new way to exploit vulnerabilities. Another item shows that your kids could be little bug hunters. Vulnerabilities: No zero-days, DNSpooq, kids and bug hunting; Tools: PoCs and …

Payload detection WAF challenge

One of the things that we implemented early on in our lab is a semi-automated process of collecting new payloads, exploits and bypass techniques from public feeds (including Twitter) and checking whether our current WAF solutions can detect them. The Go Test WAF Introduction What if we can test their essential capability of payload detection with …

Lots of zero-day vulnerabilities, and how’s your start of the year?

There are one or more zero-days in each vulnerability section. Intel takes care of the threat from ransomware, the attacker gained access to Microsoft accounts, and, as usual, a little bit about the most interesting new malware with the highest impact. Vulnerabilities: Mostly zero-days; Tools: Outlook research + new tool, OSINT, web testing and defense evasion; News: …

Hardcoded account in Zyxel, WhatsApp user’s data → Facebook and news about Julian Assange

At the beginning of the year there is not much news, but we were able to collect a digest with the loudest and coolest news. Vulnerabilities: Zyxel fail, cool bug in Google Docs and new side-channel attack, + it's recommended to patch Nvidia drivers; Tools: Offensive stuff only; News: Julian Assange, WhatsApp transfers your data directly to …