API security is a crucial aspect of any organization’s digital strategy, but it can be challenging to implement and maintain. In this blog post, we […]
Category: Vulnerability
Comparing CVSS and EPSS: Addressing CVSS Problems with EPSS
What is CVSS? CVSS, or the Common Vulnerability Scoring System, can be viewed as the weather forecast for cybersecurity professionals. CVSS a free and open […]
Beyond Fake INEC Portal, Threat Actor Targeting Users In 3 African Countries
Just some days ago, a fake INEC recruitment portal shows up in our space. And several media houses have reported INEC issuing a disclaimer around […]
Bypassing AV with Hoaxshell – Windows Defenders
T3l3machu recently released Hoaxshell and Villain, both of which are excellent tools that easily make it to our red team operations arsenal. What makes these […]
Follina – An Actively Exploited Microsoft Zero-Day
CVE-2022-30190 dubbed Follina is a zero-day, “zero-click” (if saved as .rft) remote code execution technique used through MSDT (Microsoft Diagnostics Tool) and Microsoft Office utilities […]
Wazuh Enabling SOC Meet Deliverables
In this blog post, we shall be reviewing how Wazuh can be used to deliver some of the capabilities expected from a Security Operation Center. […]