RF Fortune Telling: Frequency Hopping Predictability

RF Fortune Telling: Frequency Hopping Predictability

| | Vulnerability Research
In the world of wireless communications, security vulnerabilities in implemented protocols canremain hidden behind layers of complexity. What appears secure due to the intricate nature ofRF communications may harbor fundamental weaknesses. Let’s ...
residentagent_process

Skeletons in the Closet: Legacy Software, Novel Exploits

| | Vulnerability Research
The Praetorian team recently discovered a new vulnerability in Ivanti Endpoint Manager (EPM) which serves as a reminder to be aware of legacy systems - patch regularly and test often. The post ...

Patch Tuesday Update – November 2024

The post Patch Tuesday Update - November 2024 appeared first on Digital Defense ...
Identifying SQL Injections in a GraphQL API

Identifying SQL Injections in a GraphQL API

| | Vulnerability Research
Overview Many vulnerabilities in modern web applications occur due to the improper handling of user-supplied input. Command injection, cross-site scripting, XML External Entity (XXE) injections, and SQL injections all emerge from the ...

Patch Tuesday Update – October 2024

The post Patch Tuesday Update - October 2024 appeared first on Digital Defense ...

Patch Tuesday Update – September 2024

The post Patch Tuesday Update - September 2024 appeared first on Digital Defense ...

Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader

We are excited to announce the release of Goffloader, a pure Go implementation of an in-memory COFFLoader and PE loader. This tool is designed to facilitate the easy execution of Cobalt Strike ...
3CX-fig-01

3CX Phone System Local Privilege Escalation Vulnerability

Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Recently, we ...

Patch Tuesday Update – August 2024

The post Patch Tuesday Update - August 2024 appeared first on Digital Defense ...
Image 1

Exploiting Lambda Functions for Fun and Profit

Overview Praetorian recently performed an assessment of a platform responsible for downloading and building untrusted, user-supplied code. The client was concerned about the possibility of attackers leveraging this process to compromise the ...