OUR LATEST RESEARCH
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 1
A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host. Products Affected Symantec Endpoint [...]
Introducing SharpSocks v2.0
It has been over a year since we released the first version of SharpSocks, our proxy-aware reverse HTTP tunnelling SOCKS proxy. This post aims to provide a State of the Nation update for users. It [...]
Introducing PoshC2 v5.0
PoshC2 v5.0 is here and there are significant changes and improvements that we’re very excited to reveal! There's been a move to Python3, much improved documentation, significant functionality and quality of life improvements, and more. [...]
How to Exfiltrate AWS EC2 Data
As cloud infrastructure has become common, it has also become common for penetration testers to find themselves attacking clients that rely on, for example, AWS or Azure environments for handling, storing, and processing critical data. There [...]
Maritime Malware Campaigns – Document Payloads
As part of our research into threats facing the marine and offshore sector, we recently uncovered an ongoing malware campaign. It makes use of specific maritime-industry-related document lures, and attempts to evade detection [...]