Sometimes, things just do not work out as planned. Last week’s Truesec Tech Talk was one of those things. We are sorry that some of our viewers did experience technical difficulties connecting – and that our demos did not play accordingly. We have investigated the issues and are working closely with the platform provider to […]

Yes that it is true. The high severity vulnerability identified by CVE-2020-1350, reported here, affects all versions of Windows DNS Server from 2003 to 2020 and since DNS servers are usually Domain Controllers, that results in obtaining Domain Admin privileges. SIGRed is a wormable vulnerability with a CVSSv3 score of 10.0, the highest, and triggered by […]

När världen och vi människor är under attack på ett sätt vi kanske aldrig sett förut, så lägger de kriminella aktörerna i nästa växel. Vi översköljs av än det ena, än det andra “erbjudandet” kopplat till Coronaviruset. Varför är det så? Jo, för att det fungerar. Låt oss nu se till att iallafall göra det […]

Introduction On February 11th, Microsoft released a patch for Microsoft Exchange Server (all versions), addressing a serious vulnerability allowing any authenticated user to execute arbitrary commands with SYSTEM privileges. The vulnerability was given CVE number CVE-2020-0688. This is possible because all Exchange servers use the same static key to encrypt/decrypt ViewState. Attackers can specify arbitrary […]

Insecure deserialization is a common vulnerability (OWASP TOP10) that very often leads to arbitrary code execution. Today, I’m going to explain how to turn a seemingly harmless deserialization into code execution. This recently came in handy for me in a penetration test of a PHP/Laravel based application. Before we jump down the rabbit hole, I’ll […]