News
28 January 2018
Unofficial Patch Tuesday – MSMQ Privilege Escalation Vulnerability Hotfix
Microsoft won’t patch this one — so we did. CVE-2014-4971 is a known privilege escalation vulnerability in the MSMQ service on Windows XP. Citadelo’s unofficial hotfix helps secure legacy systems against this active exploit.
28 January 2018
How We Bypassed NOD32 and Hacked a Paranoid Customer
During penetration testing for a big customer, we hacked a number of Microsoft Windows servers. At one point, part of our attack was thwarted by ESET’s NOD32 system.
26 January 2018
We found vulnerability of CMS Made Simple
CMS Made Simple is a free, open source CMS to provide developers, programmers and site owners a web-based development and administration area. In 2010 it won the Packt Publishing annual award for open source content management.
26 January 2018
ExtendedMacro – BurpSuite plugin
BurpSuite Proxy is one of the most used HTTP proxy application for web penetration testers. This tool is one of the best in its category, but sometimes we encounter a situation requiring additional functionality which is not provided by Burp itself.
20 October 2015
The Critical State of Industrial Control Systems Security
"Finally we are beginning to address the problem that we have already had in years.” This laconic sentence can sum up the conclusions of the first conference focused on security of industrial control systems (ICS).
13 February 2014
Protect Your Data Online with These 3 Free Chrome Add-ons
Your browser can be a gateway for tracking, data leaks, and annoying ads. Learn how to take control with three free Chrome extensions that encrypt your connections, block trackers, and clean up your web experience — no tech skills required.