Top-notch cybersecurity magazine

Up until recently, just a few people (aside from specialists) were aware of the Log4j logging utility. However, a vulnerability found in this library attracted to it a great attention from researches nowadays. Let’s take a closer look at the origin and operation mechanism of this bug and examine the available exploits to it.

WinAFL is a fork of the renowned AFL fuzzer developed to fuzz closed-source programs on Windows systems. All aspects of WinAFL operation are described in the official documentation, but its practical use – from downloading to successful fuzzing and first crashes – is not that simple.

When you investigate an incident, it’s critical to establish the exact time of the attack and method used to compromise the system. This enables you to track the entire chain of operations performed by the malefactor. Today, I will show how to do this using the Timesketch tool.

Is the phrase “This script contains malicious content and has been blocked by your antivirus software” familiar to you? It’s generated by Antimalware Scan Interface (AMSI), a protection mechanism embedded in Windows 10 that blocks the execution of malicious scripts. But can AMSI be bypassed? Sure, and today I will show how to do this.

Being employed with BI.ZONE, I have to exploit Blind SQL injection vulnerabilities on a regular basis. In fact, I encounter Blind-based cases even more frequently than Union- or Error-based ones. But how to raise the efficiency of such attack? This article provides an overview of approaches used to exploit Blind SQL injection and techniques expediting the exploitation.

Once a quarter, PostgreSQL publishes minor releases containing vulnerabilities. Sometimes, such bugs make it possible to make an unprivileged user a local king superuser. To fix them, Postgres DBAs release patches simultaneously with the updates and sleep peacefully. However, many forks share a large codebase with PG and remain vulnerable! I reviewed the historical Postgres CVEs in search of interesting security holes and found plenty of exciting stuff there.

As you are likely aware, forensic analysis tools quickly become obsolete, while hackers continuously invent new techniques enabling them to cover tracks! As a result, valiant DFIR (Digital Forensics and Incident Response) fighters suffer fiascoes on a regular basis. So, I suggest to put aside the outdated (but no less sharp Scalpel) for now and look around for new tools.