This bulletin was written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team Update June 1st, 2022, 1830h UTC (2.30PM EDT) Microsoft
Tag: vulnerability
“INCONTROLLER” / “PIPEDREAM” ICS Toolkit Targeting Energy Sector
This advisory was written by Travis Holland and Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary Incontroller/Pipedream is a collection of
[Updated] Log4Shell: Critical Severity Apache Log4j Remote Code Execution Being Actively Exploited (CVE-2021-44228 & CVE-2021-45046)
Update December 17th, 2021: Log4j 2.15.0 Vulnerability Upgraded from Low to Critical Severity (CVSS 9.0) – RCE possible in non-default configurations The Apache Software Foundation
SWD Bonus – MEM-AP security
Disclaimer : Since this vulnerability has been made public, here is a small blog post explaining the methodology we used to find and exploit the
CVE-2020-0601: the ChainOfFools/CurveBall attack explained with PoC
On Tuesday the 14th of January 2020, in the frame of their first Patch Tuesday of 2020, Microsoft addressed a critical flaw discovered by the
Heartbleed in a Nutshell
Since Monday, April 7, the Internet is being rocked by the news about Heartbleed (CVE_2014- 0160), a serious vulnerability in the popular OpenSSL crypto library. Our