Entries by Tom Wilson

CVE-2017-16245 & CVE-2017-16246: Avecto Defendpoint Multiple Vulnerabilities

Avecto Defendpoint is an endpoint protection product which, according to the Avecto website, will: “Prevent breaches without hindering productivity. Avecto combines best-in-class privilege management and application control, making admin rights removal simple and scalable across desktops and servers to ensure security and compliance.” This post focuses on the “application control” aspect of Avecto. Last year […]

Apache mod_python for red teams

Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of our C2 infrastructure behind a number of Apache web servers. Any traffic to the C2 is checked against an IP whitelist. IP […]

HMRC Phishing Scam

In the last few days, Nettitude’s threat intelligence platform has picked up a mass phishing campaign – involving the distribution of nearly two million individual emails – targeting HMRC customers. The attackers attempt to obtain personal details by directing the user to click a link in the e-mail, which then redirects them to a compromised […]