OUR LATEST RESEARCH
CVE-2017-16245 & CVE-2017-16246: Avecto Defendpoint Multiple Vulnerabilities
Avecto Defendpoint is an endpoint protection product which, according to the Avecto website, will: “Prevent breaches without hindering productivity. Avecto combines best-in-class privilege management and application control, making admin rights removal simple and scalable across [...]
Python Server for PoshC2
We are delighted to announce the release of our PoshC2 Python Server, allowing cross-platform support. Over the past six months we have been working on a Python server for PoshC2, which allows it to be [...]
COM and the PowerThIEf
Recently, Component Object Model (COM) has come back in a big way, particularly with regard to its use for persistence and lateral movement. In this blog we will run through how it can also [...]
CVE-2018-6851 to CVE-2018-6857: Sophos Privilege Escalation Vulnerabilities
We have recently disclosed a list of vulnerabilities to Sophos that allow local attackers to elevate their privileges and execute code in the security context of the SYSTEM user account. Affected Products: SafeGuard Enterprise 8.00.4 [...]
CVE-2018-10956: Unauthenticated Privileged Directory Traversal in IPConfigure Orchid Core VMS
Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows)
Vulnerability: Unauthenticated Privileged Directory Traversal
CVE: CVE-2018-10956
Impact: Arbitrary File Read Access
Metasploit module: https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb
Summary of Vulnerability: IPConfigure Orchid Core VMS is a [...]