Latest Posts

Scam Android app steals Bank Credentials and SMS: MyPetronas APK

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)

CVE-2022-30190 aka "Follina" MSDT: Advisory and Technical Analysis

Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis

RTF template injection sample targeting Malaysia

Broken Access Control To Post-Auth Remote Code Execution in Webmin

Multiple vulnerabilities in LibreNMS

Technical Malware Analysis: The return of Emotet

OS Command Injection In Laravel Framework (CVE-2020-19316)

Analysis of Compromised for Gitlab’s CVE-2021-22205

Discovering Linux ELF beacon of Cobalt Strike tool

Unauthenticated Blind SQL Injection Vulnerability In PEEL Shopping (CVE-2021-37593)

Forward AWS WAF log to Splunk

RTF template injection

Lemon-Duck Cryptominer Technical Analysis

Deobfuscating Emotet Macro Document and Powershell command

SolarWinds Attack: Sunburst's DLL Technical Analysis

2020 Review: How APTs leveraging Malicious Document

CAPE Sandbox installation from 0 to hero