CVE-2017-8116: Teltonika router unauthenticated remote code execution

We sometimes require internet connectivity in situations where…

BSides Edinburgh 2017 Crypto Contest Write Up

Recently, at the inaugural BSides Edinburgh, Ben Turner and…

A quick analysis of the latest Shadow Brokers dump

Just in time for Easter, the Shadow Brokers released the latest…

Carbon Black - Security Advisories: CVE-2016-9570, CVE-2016-9568 and CVE-2016-9569

Nettitude have discovered three vulnerabilities in Carbon Black;…

Effectively analysing sysmon logs

We previously covered setting up and using sysmon (System Monitor),…

Putting attackers in hi vis jackets with sysmon

Background: Sysmon (short for system monitor) has been part of…

More XSS Shenanigans

In September, we released our XSS Payloads collection of scripts…

Who owns your runtime?

Can mobile applications trust their own runtime environment?…

Fun with Windows binaries - application whitelist bypass using msiexec

We were inspired by the work @subTee has done with application…