Blog

Core Security article thumbnail
Blog

CVE-2026-2636: Using ReadFile with Handle of Opened .blf Log File Produces an Unrecoverable State in CLFS.sys Causing a BSoD

By Ricardo Narvaja on Wed, 02/25/2026
IntroductionWhile researching the Common Log File System (CLFS) to analyze a published vulnerability, I achieved remote code execution (RCE). However, after modifying certain values in a proof of concept (PoC), I observed that it triggered a non‑exploitable blue screen of death (BSoD) on the target system. Consequently, I am reporting this issue. This document helps the reader understand the BSoD...
Penetration Testing
new exploit blog
Blog

Core Impact Chronicle: Exploits and Updates | H2 2025

By Pablo Zurro on Fri, 02/06/2026
Core Impact Exploit Library AdditionsOne of Core Impact’s most valuable features is its certified exploit library, maintained by a team (formerly Core Labs) within the Fortra Intelligence & Research Experts (FIRE) group. This team conducts in-depth research to evaluate and prioritize the most critical vulnerabilities, ensuring the library is updated with high-impact, reliable exploits that enable...
Penetration Testing
blog article thumbnail
Blog

Core Impact 21.8: The No-Agent Agent

By Pablo Zurro on Tue, 12/09/2025
We’re excited to share what’s new in Core Impact v21.8! This release is all about making your penetration testing workflows more efficient, more integrated, and easier to manage. Let’s dive into the highlights.Smarter Agent DeploymentAgents are at the heart of Core Impact, and we’ve made them even better:New OSCI Agent Entity In many cases, it is very difficult to get an agent deployed on a...
Penetration Testing
new exploit blog
Blog

What's New in Impacket's 0.13 Release?

By Gabi Gonzalez on Wed, 10/22/2025
Our next Impacket release is almost ready to land. Since 0.12, we have been hard at work tackling long-standing feature requests and merging valuable patches from the community. Thanks to these efforts, this release is full of enhancements and improvements that we are excited for users to see. Here's a look at the highlights from the forthcoming release.New Attack Paths and Relay TricksRelay...
Offensive Cybersecurity
Blog

7 Overlooked Attack Vectors Lurking in Your Office Environment

Wed, 10/22/2025
Today’s cybercriminals prefer an easy entrance just as much as a sophisticated exploit. And most often, that’s where they start. Here is a list of seven overlooked attack vectors in which a serious threat could pop up, enter the network, and do serious damage. Remember: While many enterprise cybersecurity approaches are shooting high, a larger number of cybercriminals are “looking low.”1. Printers...
Blog

The Strategic Value of Offensive Security

Fri, 10/17/2025
For anyone who’s been in cybersecurity for even the past five years, the trends are as unprecedented as they are obvious; attacks are now more sophisticated, subtle, and scalable than ever before. Cybercriminals use AI to automatically find vulnerabilities, the mean time-to-exploit has now dropped to only 5 days (down from 32), and there is little to stop spray-and-pray campaigners from...
Offensive Cybersecurity
Penetration Testing
Blog

How Pen Testing Shines a Light on Your Hidden Technical Debt

Wed, 10/15/2025
Technical debt can have cybersecurity consequences. Even teams that feel they know exactly what needs fixing are often surprised at what a team of outside hackers can do – as they so often are during a breach.So how can you determine what’s emergency-worthy technical debt? Your backlog might not show it, but your pen test will.Technical Debt as Attack SurfaceIt’s difficult, if not impossible, to...
Penetration Testing
dashboard-main
Blog

Customizable Reports with Core Impact

Thu, 09/25/2025
Streamline Penetration Testing Documentation with Flexible, Automated ReportsCore Impact's robust reporting capabilities have evolved significantly in the last few years, empowering penetration testers and security professionals to generate customized reports that align with specific organizational needs and compliance requirements. With the latest version and ongoing enhancements, Core Impact...
Blog

How Cyber Weaknesses Lead to Empty Shelves: An Offensive Security View

By Katrina Thompson on Tue, 09/23/2025
Empty grocery shelves can be caused by natural disasters, wars, and trade embargoes, as we’ve seen in recent years. But they can also be the result of successful cyberattacks, which could be more preventable than the other three agents of chaos. Whether a company sells computer chips or potato chips, if the logistics of production, distribution, or sale are disrupted, shelves will remain empty...
Offensive Cybersecurity
Penetration Testing
blog
Blog

Offensive Security Is Now a Must: How CISOs Can Justify OffSec Investment

By Katrina Thompson on Wed, 09/10/2025
With emerging attacks coming harder, faster, and more ingeniously than ever before, organizations can’t afford to sit around and wait for attackers to tell them where their weak spots are. They need to get ahead of and around them with offensive security tactics; think penetration testing and red teaming. Unfortunately, for board members and stakeholders not on the security front lines, OffSec...
Offensive Cybersecurity
Penetration Testing
Red Team
Blog

SEC Readiness: 12 Reasons Why Your Offensive Security Matters More Than Ever

Mon, 09/08/2025
With the U.S. Securities and Exchange Commission’s (SEC) new cybersecurity disclosure rules in full effect as of December 2023, public companies — and even the vendors that support them — are now under unprecedented pressure to not only report material cyber incidents within four business days but also demonstrate robust, actionable cybersecurity plans. This is pushing offensive security (OffSec)...
Offensive Cybersecurity
Blog

Completing the Circle: The Path to CVE-2025-7388

By Marcos Accossatto on Thu, 09/04/2025
On March 6, 2024, Zach Hanley from Horizon3.ai wrote a blog post about reproducing CVE-2024-1403 using an authentication bypass in Progress OpenEdge.In the blog post, he explained the architecture behind OpenEdge and all the technical information related to the CVE-2024-1403 vulnerability. In the same blog post, he also posted a proof of concept (POC) to exploit the vulnerability. However, as this...
new exploit blog
Blog

Core Impact Quarterly Chronicle: Exploits and Updates | Q2 2025

By Pablo Zurro on Fri, 08/22/2025
Core Impact Exploit Library AdditionsOne of Core Impact’s most valuable features is its certified exploit library, maintained by a team (formerly Core Labs) within the Fortra Intelligence & Research Experts (FIRE) group. This team conducts in-depth research to evaluate and prioritize the most critical vulnerabilities, ensuring the library is updated with high-impact, reliable exploits that enable...
Penetration Testing
Black and white photo of hospital environment with lock icon overlay
Blog

Proposed HIPAA Update Makes Yearly Pen Testing Mandatory

By Katrina Thompson on Thu, 07/17/2025
In early 2025, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR). The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration...
Penetration Testing
Compliance
blog article thumbnail
Blog

Core Impact 21.7: Transform Your Agents

By Pablo Zurro on Wed, 04/30/2025
We’re excited to announce the release of Core Impact 21.7, packed with powerful new features, thoughtful enhancements, and critical fixes that further solidify Core Impact as a go-to solution for penetration testers. This update focuses on extending agent customization options, improving integration with external tools, and optimizing the overall user experience.Agent TransformationsThis new...
Offensive Cybersecurity
Penetration Testing
new exploit blog
Blog

Core Impact Quarterly Chronicle: Exploits and Updates | Q1 2025

By Pablo Zurro on Mon, 04/07/2025
Core Impact Updates New Release: Core Impact 21.7Core Impact 21.7 is now available! This release sees the introduction of the new agent transformation callbacks, a newer UI for the entity's creation dialogs, a series of quality-of-life changes, and more.A more extensive post will be published detailing all the new features and their use cases. Core Impact Exploit Library AdditionsOne of Core...
Penetration Testing
new exploit blog
Blog

Core Impact Monthly Chronicle: Exploits and Updates | December 2024-January 2025

By Pablo Zurro on Wed, 02/19/2025
Core Impact Exploit Library AdditionsOne of Core Impact’s most valuable features is its certified exploit library, maintained by a team (formerly Core Labs) within the Fortra Intelligence & Research Experts (FIRE) group. This team conducts in-depth research to evaluate and prioritize the most critical vulnerabilities, ensuring the library is updated with high-impact, reliable exploits that enable...
Offensive Cybersecurity
Penetration Testing
blog article thumbnail
Blog

Core Impact and Cobalt Strike: Distinct Strengths, Enhanced Combination

By Pablo Zurro on Thu, 01/23/2025
Given its functionality as a multifaceted toolset, there are some features of Core Impact that users may not have taken advantage of. In this post, we’ll talk about SOCKS tunneling. Namely, we’ll walk through use cases of Core Impact’s SOCKS proxy capabilities and how to use it together with Cobalt Strike.What is SOCKS Tunneling?SOCKS Tunneling allows operators to run Core Impact modules and...
Offensive Cybersecurity
new exploit blog
Blog

Core Impact Monthly Chronicle: Exploits and Updates | November 2024

By Daniel De Luca on Thu, 12/12/2024
Core Impact Exploit Library Additions One of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers that conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate...
Offensive Cybersecurity
new exploit blog
Blog

Core Impact Monthly Chronicle: Exploits and Updates | October 2024

By Pablo Zurro on Fri, 11/08/2024
Core Impact Updates NTMLrelayx MultiRelay and Keep-Relaying Support The latest update to Impacket 0.12 introduces the MultiRelay and keep-relaying modes, allowing users to run relays for extended periods and analyze captured connections for each target. The NTLMrelayx module will continuously relay new incoming connections until manually stopped. This feature, combined with the Connection Store...
Offensive Cybersecurity
Penetration Testing