An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit 2023-10-13 18:47:0 | 阅读: 13 | 收藏 | Blog - Atredis Partners - www.atredis.com security client atredis proposal engagements

Symbolic Triage: Making the Best of a Good Situation 2022-11-1 02:40:45 | 阅读: 23 | 收藏 | www.atredis.com symbolic violation debugger pml crash

Part 1: Ransomware – To Pay or Not to Pay The consultants here at Atredis Partners have delivered a lot of Incident Response table-top exercis... 2022-8-23 01:50:54 | 阅读: 31 | 收藏 | www.atredis.com ransomware attackers firm paying advance

Researching Crestron WinCE Devices 2022-7-2 21:33:2 | 阅读: 16 | 收藏 | www.atredis.com crestron simpl toolbox lpz ssh

Veni, MIDI, Vici — Conquering CVE-2022-22657 and CVE-2022-22664 Recently, Apple pushed two security fixes for issues in the way GarageBand and Logic Pro X parsed... 2022-3-29 22:0:0 | 阅读: 40 | 收藏 | www.atredis.com garageband midi atredis timidity 000053

Unauthenticated Remote Code Execution Chain in SysAid ITIL -- CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974 2022-1-6 23:0:0 | 阅读: 106 | 收藏 | www.atredis.com sysaid premises itil

Exploring Unified Diagnostic Services with uds-zoo Today we are releasing a new project that will be useful for learning and exploration of attacking a... 2021-10-29 22:47:45 | 阅读: 26 | 收藏 | www.atredis.com uds vehicle 14229 network handful

Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223 OverviewOn a recent client engagement I was placed in a Virtual Private Cloud (VPC) instance with th... 2021-08-19 03:30:00 | 阅读: 134 | 收藏 | www.atredis.com confd 510 sophos9 webadmin plx

Le Zeek, C’est Chic: Using an NSM for Offense 2021-05-21 01:47:58 | 阅读: 103 | 收藏 | www.atredis.com

CVE-2021-32030: ASUS GT-AC2900 Authentication Bypass 2021-05-06 20:46:18 | 阅读: 151 | 收藏 | www.atredis.com ifttt asus alexa endian ac2900

NANDcromancy: Live Swapping NAND Flash 2021-04-27 03:39:19 | 阅读: 125 | 收藏 | www.atredis.com nand cfe ffffffff loader tap

QEMU and U: Whole-system tracing with QEMU customization 2021-04-16 03:06:30 | 阅读: 106 | 收藏 | www.atredis.com tcg pstart translated paddr processes

Authenticated RCE in Pydio (Forever-Day) -- CVE-2020-28913 Pydio (formerly AjaXplorer) is an open source web application for remotely managing and sharing file... 2020-12-07 23:00:00 | 阅读: 66 | 收藏 | www.atredis.com pydio atredis php ajxp sox

A Watch, a Virtual Machine, and Broken Abstractions 2020-11-18 02:00:00 | 阅读: 42 | 收藏 | www.atredis.com tvm garmin firmware prg machine

Flamingo Captures Credentials Far too many products will blindly spray credentials across the network as part of discovery, monito... 2020-01-28 00:04:21 | 阅读: 57 | 收藏 | www.atredis.com flamingo ssh responder security

Use the Source, Luke 2019-08-28 02:00:36 | 阅读: 47 | 收藏 | www.atredis.com client devs software chairs centric

CVE-2019-4061: Harvesting Data from BigFix Relay Servers 2019-03-19 00:45:48 | 阅读: 46 | 收藏 | www.atredis.com bigfix 52311 masthead attacker

CVE-2019-5513: Information Leaks in VMWare Horizon 2019-03-16 03:07:06 | 阅读: 67 | 收藏 | www.atredis.com broker straight mathews facing

CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO At Atredis Partners, we often use dedicated lab networks for testing devices. This helps isolate th... 2019-03-09 03:45:00 | 阅读: 41 | 收藏 | www.atredis.com network dhcp ilo attacker hpe

Fun with SolarWinds Orion Cryptography IntroductionWe run into a wide variety of network management solutions during our security assessmen... 2018-10-26 17:21:42 | 阅读: 49 | 收藏 | www.atredis.com orion network database ncm username