/var/log/messages

AutoCAD - Designing a Kill Chain

By Matt Hillman and Tim Carrington on 22 February 2019

MWR identified software vulnerabilities and native features in AutoDesk’s AutoCAD software suite that can be used to compromise users and perform numerous attacker actions.

+ read more

Article

Ventures into Hyper-V - Fuzzing hypercalls

By Amardeep Chana on 15 February 2019

Hyper-V is a virtualization platform built by Microsoft from over a decade ago. In recent years it has taken front stage and become core to the Microsoft Azure cloud platform, and introduced a variety of powerful...

+ read more

Article

What the Fuzz

By Felix Schmidt on 23 January 2019

This blog post covers the basics of fuzzing, introduces several fuzzing tools and outlines a selection of recent fuzzing research in three sections.

+ read more

Article

CAPTCHA-22: Breaking Text-Based CAPTCHAs with Machine Learning

By Gina Horscroft and Tinus Green on 17 January 2019

We’ve all been there before. You’re looking at a simple CAPTCHA and you think to yourself, I can crack that. Maybe it’s a dead-simple picture of some slanted text, maybe it has a couple of lines...

+ read more

Article

Attacking Kubernetes through Kubelet

By Alexandre Kaskasoli on 11 January 2019

This post discusses abusing the kubelet default configuration to gain privileged access to the kube-apiserver on a Kubernetes cluster. This can also lead to code execution on the nodes.

+ read more

Article

Twinkly Twinkly Little Star

By Mark Barnes on 21 December 2018

It's Christmas and what better way of celebrating this festive season than hacking some smart Christmas lights?

+ read more

Article

HP NonStop Basics

By Graeme Robinson and Phil Keeble on 2 November 2018

Since 1976, HP NonStop (Originally introduced by Tandem Computers Inc. before being owned by Compaq and finally HP) has been a widely used integrated hardware/software stack to support critical services such as Automated Teller Machines (ATMs),...

+ read more

Article

Undisable Restricted Admin

By David Yates on 31 October 2018

Originally introduced for Windows 8.1 and Server 2012 R2, Restricted Admin mode is a Windows feature that prevents storing an RDP user’s credentials in memory on the machine to which an RDP connection is made.

+ read more

Article

Debugging Released Xamarin Android Applications

By Emanuele Cesari and Ross Donald on 21 September 2018

As mobile applications become more and more essential for even small businesses, increasing the efficiency of development is key. Cross-platform Mobile Development Frameworks such as Xamarin allow a single codebase to be shared among iOS, Android...

+ read more

Article

DNS Rebinding Headless Browsers

By Alexandre Kaskasoli on 23 August 2018

This article describes the use of HTTP Referer headers to execute DNS rebinding attacks on AWS-hosted analytics systems, leading to a compromise of the cloud environment.

+ read more

Article

A Guide to Repacking iOS Applications

By on 23 July 2018

Jailbreaking iOS getting harder with every new version released, repacking and resigning iOS applications to be sideloaded on non-jailbroken iOS device has been a subject that has generated significant interest from security researchers in recent years.

+ read more

Article

Bypassing Memory Scanners with Cobalt Strike and Gargoyle

By William Burgess on 18 July 2018

This blog post will present research into attempting to bypass memory scanners using Cobalt Strike’s beacon payload and the gargoyle memory scanning evasion technique.

+ read more