20 February 2018
As big fans of open source, we feel the urge to support the community and contribute to the projects we like. And because our code is ugly as hell, we try to do it at least by reporting bugs and security vulnerabilities.
20 February 2018
People sometimes ask how to know what exact vulnerability was patched in particular piece of closed source software. In this blog, we would like to describe one such example from the Microsoft security bulletin.
8 February 2018
Although people working in the IT security industry may consider this question to be as trivial as "How to order a phone charger", for many, writing a purchase order for a penetration test can be like designing a nuclear power plant.
28 January 2018
The vulnerability exists due to insufficient filtration of user-supplied data. By exploiting this vulnerability, an attacker gains access to all records stored in the database with the privileges of the WebsiteBaker database user
28 January 2018
The thirty-second annual Chaos Communication Congress carried the tagline “Gated Communities”. CCC is probably the oldest hacker conference and “Gated communities” worked very well as a theme for this year.
28 January 2018
During penetration testing for a big customer, we hacked a number of Microsoft Windows servers. At one point, part of our attack was thwarted by ESET’s NOD32 system.