The OpenConnect VPN client, on all supported platforms, suffered from a possible information leak that could result in an attacker with elevated local privileges obtaining plaintext credentials. This VPN security vulnerability has now been patched and assigned CVE-2018-20319. Affected Software Vendor website: https://www.infradead.org/openconnect/ Affected versions: OpenConnect client – Windows, Linux, Mac OS X, Android, Solaris, […]
Author Archive for: Tom Wilson
About Tom Wilson
This author has yet to write their bio. Meanwhile, let's just say that we are proud Tom Wilson contributed a whopping 10 entries.
Entries by Tom Wilson
Avecto Defendpoint is an endpoint protection product which, according to the Avecto website, will: “Prevent breaches without hindering productivity. Avecto combines best-in-class privilege management and application control, making admin rights removal simple and scalable across desktops and servers to ensure security and compliance.” This post focuses on the “application control” aspect of Avecto. Last year […]
Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of Apache web servers. Any traffic to the C2 is checked against an IP whitelist. IP […]
We’ve recently been conducting some reverse engineering and vulnerability analysis on an Anti Virus (AV) product and wanted to attach Rohitab API Monitor to one of the AV’s running processes so that I could log the Windows API function calls in order to better understand how the AV was implemented. The AV in question was […]