CVE-2022-30190, dubbed Follina, is a zero-day, “zero-click” (if saved as .rtf) remote code execution technique used through MSDT (Microsoft Diagnostics Tool) and Microsoft Office utilities […]
Category: Vulnerability
Wazuh Enabling SOC Meet Deliverables
In this blog post, we shall be reviewing how Wazuh can be used to deliver some of the capabilities expected from a Security Operations Center. […]
Log4j Vulnerabilities & Mitigations
Log4j Vulnerability Documentation. What is Log4j? Log4j is a widely used Java-based logging library. It is part of the Apache Logging Services. Log4j is a […]
Defending against account takeover (ATO) attack.
Account takeover is a form of identity theft and fraud, where a malicious third party successfully gains access to a user’s account credentials. A successful […]
CVEs Aiding Initial Access for Ransomware Gangs – Microsoft Office
Microsoft Office CVEs 2017-0199, 2017-11882, 2021-40444. In this write-up we briefly explore the following Microsoft CVEs: CVE-2017-0199, CVE-2017-11882, and CVE-2021-40444 […]
The QR Code Attack Vector
QR stands for “Quick Response” and QR codes are square-shaped machine-readable data formats that are useful for anything that needs to be scanned automatically. Before […]