Select Page

CVE-2017-0199 exploitation with Cobalt Strike tutorial

Background CVE-2017-0199 leverages the way an OLE object is embedded into a Word/RTF document making it possible to execute its content without user interaction. OLE is supported by many different programs, and OLE is generally used to make content that is created in...

FortiOS Remote Access Web Portal – XSS Vulnerability

Overview: Fortinet delivers a comprehensive portfolio of security gateways and complementary products. FortiGate platforms integrate the FortiOSâ„¢ operating system with FortiASICâ„¢ processors and the latest-generation CPUs to provide comprehensive, high-performance...

GMAIL phishing attack saga

It all started a week ago. Some news hinted that some attackers were stealing domains taking advance of a Gmail vulnerability. Even when it was not confirmed, the story was Digged and generated quite a lot of buzz in the security community. It all seemed that a new...