Log4j Vulnerability Documentation What is Log4j? Log4j is a widely used java-based logging library, It is part of the Apache Logging services. Log4j is a […]
Category: Vulnerability
Defending against account takeover (ATO) attack.
Account takeover is a form of identity theft and fraud, where a malicious third party successfully gains access to a user’s account credentials. A successful […]
CVEs Aiding Initial Access for Ransomware Gangs – Microsoft Office
Microsoft Office CVEs 2017-0199, 2017-11882, 2021-40444 In this write up we explore briefly the following Microsoft CVEs – CVE 2017-0199, CVE 2017-11882, and CVE 2021-40444 […]
The QR Code Attack Vector
QR stands for “Quick Response” and QR codes are square-shaped machine-readable data formats that are useful for anything that needs to be scanned automatically. Before […]
Mitigating Windows Print Spooler “PrintNightmare” Vulnerability.
Microsoft has acknowledged the new vulnerability that affects the Windows Print Spooler service, giving attackers leverage to execute remote code with system-level privileges on all […]
VMware ESXi and vSphere Client Affected by Critical RCE Vulnerability
VMware has addressed multiple critical remote code execution (RCE) vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to […]