1 June 2020
How a single simple form submission can be manipulated to gain control of any Virtual Machine (VM) within VMware Cloud Director. The story of a critical vulnerability that enables a full infrastructure takeover.
4 June 2019
Is there 100% error free software? Is there 100% secure software? The answer to both questions is NO, but don't panic.
24 May 2019
Intigriti published a DOM XSS Challenge available at Intigriti’s bug bounty platform. The assignment was to exploit a DOM XSS vulnerability on this page and to trigger a pop up of the document.domain (challenge.intigriti.io).
17 April 2019
There’s no official testing standard for Smart Contracts. But that doesn’t mean you should leave your code untested. Here’s how we approach audits that go beyond checklists.
14 November 2018
The goal of this blogpost is to show what needs to be done to have a secure working setup, explain why all of the countermeasures are really necessary by demonstrating the attacks that they are mitigating, to not reveal your origin IP address.
20 February 2018
People sometimes ask how to know what exact vulnerability was patched in particular piece of closed source software. In this blog, we would like to describe one such example from the Microsoft security bulletin.