The new format of Microsoft monthly updates have proven challenging to reverse engineer. We’ve figured out a workaround that we hope will be helpful.
In the original format, the Microsoft updates have always included the full files to patch, and from there it’s relatively straightforward to work on reversing and diffing through only extracting, without installing the patch.
Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture.
Ransomware, as an active variant of current malware, has undoubtedly undergone a series of changes that have allowed cyber criminals to expand the horizons of clandestine business. In order to try to understand the different "forms" ransomware has presented over time, this article will show the evolutionary line of this latent threat in a compact and concrete way.
In part 6, we learned how to understand a shellcode and its resolver. Now, we will continue with the analysis and resolution of abo2 in GHIDRA.
Download ABO2 executable. The latest version is on Google drive.
As you may already know, when a penetration test or Red Team exercise in being executed, it is important to define the objective of the project.
On August 5th, ethical hacker and cybersecurity professional Antoine Goichot posted on twitter that three vulnerabilities he had discovered on Cisco AnyConnect (CVE-2020-3433, CVE-2020-3434, and CVE-2020-3435) were now public. The next day, he published a follow-up blogpost on github.
Pen testing is a well-established practice for many organizations. With such diverse environments consisting of different applications from different vendors, it’s safe to assume security weaknesses are lurking somewhere. But why aren’t these security flaws found earlier, by the creators themselves? In this blog, we’ll explore why applications should also go through security testing and review during the development stage.
Title: Cisco AnyConnect Posture (HostScan) Security Service Multiple Vulnerabilities
Advisory ID: CORE-2021-0001
Advisory URL: https://www.coresecurity.com/core-labs/advisories/cisco-anyconnect-posture-hostscan-security-service-local-privilege-escalation (Retired)
Date published: 2021-02-17
Date of last update: 2020-02-17
The global chaos of last year was also seen in the digital world, as cyber attackers were seemingly relentless in their efforts. Such activity underscores the importance of penetration testing to assess and test security vulnerabilities, which allow you to better evaluate risk and be ready to detect, prevent and respond to threats as they happen.