REMOTE CODE EXECUTION |
2021-02-13 | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
2013-02-16 | Lorna Hutcheson | Fedora RedHat Vulnerabilty Released |
2012-03-16 | Russ McRee | MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect |
2011-08-11 | Guy Bruneau | BlackBerry Enterprise Server Critical Update |
2010-05-12 | Rob VandenBrink | Adobe Shockwave Update |
2010-03-10 | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
REMOTE |
2024-06-17 | Xavier Mertens | New NetSupport Campaign Delivered Through MSIX Packages |
2022-10-07 | Xavier Mertens | Critical Fortinet Vulnerability Ahead |
2021-05-14 | Xavier Mertens | "Open" Access to Industrial Systems Interface is Also Far From Zero |
2021-02-13 | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
2020-09-29 | Xavier Mertens | Managing Remote Access for Partners & Contractors |
2020-08-22 | Guy Bruneau | Remote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common? |
2019-09-24 | Xavier Mertens | Huge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs |
2017-11-25 | Guy Bruneau | Exim Remote Code Exploit |
2015-10-12 | Guy Bruneau | Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 |
2013-09-18 | Rob VandenBrink | Cisco DCNM Update Released |
2013-02-16 | Lorna Hutcheson | Fedora RedHat Vulnerabilty Released |
2012-08-22 | Adrien de Beaupre | Apple Remote Desktop update fixes no encryption issue |
2012-03-16 | Russ McRee | MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect |
2011-11-28 | Tom Liston | A Puzzlement... |
2011-11-19 | Pedro Bueno | Dragon Research Group (DRG) announced the white paper entitled "VNC: Threats and Countermeasures" : https://dragonresearchgroup.org/insight/vnc-tac.html |
2011-08-11 | Guy Bruneau | BlackBerry Enterprise Server Critical Update |
2010-12-19 | Raul Siles | Intel's new processors have a remote kill switch (Anti-Theft 3.0) |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split? |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard? |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
2010-05-12 | Rob VandenBrink | Adobe Shockwave Update |
2010-03-15 | Adrien de Beaupre | Spamassassin Milter Plugin Remote Root Attack |
2010-03-10 | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
2010-02-02 | Guy Bruneau | Cisco Secure Desktop Remote XSS Vulnerability |
2009-11-14 | Adrien de Beaupre | Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released |
2009-11-12 | Rob VandenBrink | Windows 7 / Windows Server 2008 Remote SMB Exploit |
2008-05-06 | Marcus Sachs | Industrial Control Systems Vulnerability |
2008-03-13 | Jason Lam | Remote File Include spoof!? |
2006-11-20 | Joel Esler | MS06-070 Remote Exploit |
CODE |
2025-03-10 | Xavier Mertens | Shellcode Encoded in UUIDs |
2024-12-31 | Xavier Mertens | No Holiday Season for Attackers |
2024-08-23 | Jesse La Grew | Pandas Errors: What encoding are my logs in? |
2024-08-19 | Xavier Mertens | Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python |
2023-12-06 | Guy Bruneau | Revealing the Hidden Risks of QR Codes [Guest Diary] |
2023-07-28 | Xavier Mertens | ShellCode Hidden with Steganography |
2023-03-16 | Xavier Mertens | Simple Shellcode Dissection |
2023-03-07 | Johannes Ullrich | Hackers Love This VSCode Extension: What You Can Do to Stay Safe |
2022-11-04 | Xavier Mertens | Remcos Downloader with Unicode Obfuscation |
2022-09-14 | Xavier Mertens | Easy Process Injection within Python |
2022-05-30 | Xavier Mertens | New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190) |
2022-02-26 | Guy Bruneau | Using Snort IDS Rules with NetWitness PacketDecoder |
2022-01-22 | Xavier Mertens | Mixed VBA & Excel4 Macro In a Targeted Excel Sheet |
2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP |
2022-01-06 | Xavier Mertens | Malicious Python Script Targeting Chinese People |
2022-01-05 | Xavier Mertens | Code Reuse In the Malware Landscape |
2021-12-10 | Xavier Mertens | Python Shellcode Injection From JSON Data |
2021-10-20 | Xavier Mertens | Thanks to COVID-19, New Types of Documents are Lost in The Wild |
2021-08-20 | Xavier Mertens | Waiting for the C2 to Show Up |
2021-02-13 | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
2021-01-18 | Didier Stevens | Doc & RTF Malicious Document |
2020-10-14 | Xavier Mertens | Nicely Obfuscated Python RAT |
2020-09-02 | Xavier Mertens | Python and Risky Windows API Calls |
2020-08-06 | Xavier Mertens | A Fork of the FTCode Powershell Ransomware |
2020-07-27 | Didier Stevens | Analyzing Metasploit ASP .NET Payloads |
2019-12-12 | Xavier Mertens | Code & Data Reuse in the Malware Ecosystem |
2019-10-27 | Didier Stevens | Using scdbg to Find Shellcode |
2019-07-08 | Didier Stevens | Machine Code? No! |
2019-07-04 | Didier Stevens | Machine Code? |
2019-05-31 | Didier Stevens | Retrieving Second Stage Payload with Ncat |
2019-05-30 | Didier Stevens | Analyzing First Stage Shellcode |
2019-05-06 | Didier Stevens | Text and Text |
2019-05-01 | Xavier Mertens | Another Day, Another Suspicious UDF File |
2019-04-23 | Didier Stevens | Malicious VBA Office Document Without Source Code |
2019-03-24 | Didier Stevens | Decoding QR Codes with Python |
2019-02-25 | Didier Stevens | Sextortion Email Variant: With QR Code |
2019-01-02 | Didier Stevens | Maldoc with Nonfunctional Shellcode |
2018-09-24 | Didier Stevens | Analyzing Encoded Shellcode with scdbg |
2018-09-08 | Didier Stevens | Video: Using scdbg to analyze shellcode |
2018-09-03 | Didier Stevens | Another quickie: Using scdbg to analyze shellcode |
2018-08-31 | Jim Clausing | Quickie: Using radare2 to disassemble shellcode |
2018-06-04 | Rob VandenBrink | Digging into Authenticode Certificates |
2017-04-16 | Johannes Ullrich | Tool to Detect Active Phishing Attacks Using Unicode Look-Alike Domains |
2016-11-24 | Didier Stevens | Extracting Shellcode From JavaScript |
2016-11-18 | Didier Stevens | VBA Shellcode and Windows 10 |
2016-09-26 | Didier Stevens | VBA and P-code |
2015-09-21 | Xavier Mertens | Detecting XCodeGhost Activity |
2015-03-30 | Didier Stevens | YARA Rules For Shellcode |
2013-10-25 | Johannes Ullrich | PHP.net compromise aftermath: Why Code Signing Beats Hashes |
2013-08-04 | Johannes Ullrich | BBCode tag "[php]" used to inject php code |
2013-02-16 | Lorna Hutcheson | Fedora RedHat Vulnerabilty Released |
2012-07-19 | Mark Baggett | A Heap of Overflows? |
2012-04-26 | Richard Porter | Packetstorm Security and Metasploit have Exploit code for MS12-027 |
2012-04-25 | Daniel Wesemann | Blacole's shell code |
2012-03-16 | Russ McRee | MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect |
2012-03-11 | Johannes Ullrich | An Analysis of Jester's QR Code Attack. (Guest Diary) |
2011-08-11 | Guy Bruneau | BlackBerry Enterprise Server Critical Update |
2011-08-03 | Johannes Ullrich | Malicious Images: What's a QR Code |
2011-03-07 | Bojan Zdrnja | Oracle padding attacks (Codegate crypto 400 writeup) |
2010-05-12 | Rob VandenBrink | Adobe Shockwave Update |
2010-03-10 | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
2010-02-08 | Adrien de Beaupre | When is a 0day not a 0day? Fake OpenSSh exploit, again. |
2009-08-08 | Guy Bruneau | XML Libraries Data Parsing Vulnerabilities |
2009-05-29 | Lorna Hutcheson | VMWare Patches Released |
2008-07-22 | Mari Nichols | ‘Cold Boot’ Attack Utility Tools |
2008-06-10 | Swa Frantzen | Ransomware keybreaking |
EXECUTION |
2022-05-30 | Xavier Mertens | New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190) |
2021-02-13 | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
2017-11-25 | Guy Bruneau | Exim Remote Code Exploit |
2015-10-12 | Guy Bruneau | Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 |
2013-09-18 | Rob VandenBrink | Cisco DCNM Update Released |
2013-02-16 | Lorna Hutcheson | Fedora RedHat Vulnerabilty Released |
2012-03-16 | Russ McRee | MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect |
2011-08-11 | Guy Bruneau | BlackBerry Enterprise Server Critical Update |
2010-05-12 | Rob VandenBrink | Adobe Shockwave Update |
2010-03-10 | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
2009-08-08 | Guy Bruneau | XML Libraries Data Parsing Vulnerabilities |
2009-05-29 | Lorna Hutcheson | VMWare Patches Released |