Welcome to Nettitude Labs
You are here: Home
EMEA
1 Jephson Court
Trancred Close
Leamington Spa
Warwickshire
CV31 3RZ
Trancred Close
Leamington Spa
Warwickshire
CV31 3RZ
Americas
50 Broad Street
Suite 403
New York
NY
10004
Suite 403
New York
NY
10004
Detecting PoshC2 – Indicators of Compromise
/0 Comments/in Blog, PoshC2 /by Rob BoneAs a counterpart to the release of PoshC2 version 6.0 we are providing a list of some of its Indicators of Compromise (IoCs), particularly as used out-of-the-box, as well as some other effective methods for detecting it in your environment. We also introduce the new PoshC2 Detections GitHub repository at https://github.com/nettitude/PoshC2_IOCs that will be continually updated […]
CVE-2019-16384, 85: Cyblesoft Thinfinity VirtualUI – Path Traversal, HTTP Header Injection
/0 Comments/in Advisories, Blog /by Tom JacksonNettitude discovered two vulnerabilities within Cyblesoft’s Thinfinity VirtualUI web application. The findings include path traversal and HTTP header injection, which could be leveraged to execute an XSS payload. Thinfinity VirtualUI enables Windows-based desktop applications to function as cross-browser, cross-device web applications, which can be run on a Windows environment or be accessed remotely from a […]
Introducing PoshC2 v6.0
/0 Comments/in Blog, PoshC2 /by Rob Bone and Ben TurnerWe are pleased to release the latest version of PoshC2 – v6.0. Version 6.0 includes a number of significant and exciting features, in addition to the usual plethora of bug fixes and small improvements. In this blog post, we take a look at some of the more significant changes and feature rich enhancements to make […]
CVE-2019-13021, 22, 23: JETSELECT Network Segregation Application
/0 Comments/in Blog /by Tom MacDonaldNettitude are disclosing three vulnerabilities discovered as part of a security assessment on board a superyacht. These vulnerabilities have now had patches published by the vendor, and an appropriate time period has elapsed to allow for a patching window aboard the vessels. JETSELECT The JETSELECT application is supplied by JetStream, a technology company specialising in […]
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 2
/0 Comments/in Blog /by Kyriakos EconomouIn this post we will walk you through a more sophisticated method of exploiting CVE-2019-12750. This is a local privilege escalation vulnerability that affects Symantec Endpoint Protection. The method of exploitation described in this post works, at the time of writing, on all versions of Windows.
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 1
/0 Comments/in Blog /by Kyriakos EconomouA malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host.