28 January 2018
In Summer 2016, as we cranked up our efforts to get deep into the Industry Security landscape, we had the pleasure to host Christine Kinch as our intern and researcher.
28 January 2018
During penetration testing for a big customer, we hacked a number of Microsoft Windows servers. At one point, part of our attack was thwarted by ESET’s NOD32 system.
28 January 2018
Keybase.io is a service that according to their website “maps your identity to your public keys, and vice versa.”. It is also doing other optional things such as an encrypted filesystem and synchronized key management.
28 January 2018
Perimeter security is broken. Industrial systems are exposed. And attackers are always one step ahead. At Citadelo, we’ve crafted a masterplan to flip the odds — from honeypots to bug bounties to real-time traps.
28 January 2018
Microsoft won’t patch this one — so we did. CVE-2014-4971 is a known privilege escalation vulnerability in the MSMQ service on Windows XP. Citadelo’s unofficial hotfix helps secure legacy systems against this active exploit.
28 January 2018
The vulnerability exists due to insufficient filtration of user-supplied data. By exploiting this vulnerability, an attacker gains access to all records stored in the database with the privileges of the WebsiteBaker database user