OUR LATEST RESEARCH
CVE-2019-13021, 22, 23: JETSELECT Network Segregation Application
Nettitude are disclosing three vulnerabilities discovered as part of a security assessment on board a superyacht. These vulnerabilities have now had patches published by the vendor, and an appropriate time period has elapsed to allow [...]
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 2
In this post we will walk you through a more sophisticated method of exploiting CVE-2019-12750. This is a local privilege escalation vulnerability that affects Symantec Endpoint Protection. The method of exploitation described in this post [...]
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 1
A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host. Products Affected Symantec Endpoint [...]
Introducing SharpSocks v2.0
It has been over a year since we released the first version of SharpSocks, our proxy-aware reverse HTTP tunnelling SOCKS proxy. This post aims to provide a State of the Nation update for users. It [...]
Introducing PoshC2 v5.0
PoshC2 v5.0 is here and there are significant changes and improvements that we’re very excited to reveal! There's been a move to Python3, much improved documentation, significant functionality and quality of life improvements, and more. [...]