Blog
Alle Einträge von modzero.
-
PLAYGROUND
Tutorial: How we learned to love the doc(umentation)
14. Oktober 2024
Just read documentation to get RCE?! Our colleague Theresa designed a tutorial guiding you through an OpenVPN exploit scenario — for you to try at home!
-
DISCLOSURE
Beyond the @ Symbol: Exploiting the Flexibility of Email Addresses For Offensive Purposes
7. Juni 2024
We exploited an unauthenticated command injection within the spam filter appliance MailCleaner that can be triggered through a malicious email address.
-
DISCLOSURE
Multiple Vulnerabilities in Poly VoIP Products
29. Dezember 2023
We uncovered several vulnerabilities allowing an attacker in the network to take over a Poly VoIP device and turn it into a bug hidden in plain sight.
-
COMPANY
12th Anniversary
29. April 2023
Today we celebrate our 12th anniversary.
-
DISCLOSURE
Better Make Sure Your Password Manager Is Secure
19. Dezember 2022
We examined the password management solution Passwordstate of Click Studios and identified multiple high severity vulnerabilities.
-
COMPANY
Ridiculous Vulnerability Disclosure Process with CrowdStrike Falcon Sensor
22. August 2022
We publish a new advisory for a vulnerability in CrowdStrike Falcon Sensor as well as share our thoughts about the ridiculous disclosure process.
1 von 2
Vor ⟶
Alle Einträge von modzero.
-
PLAYGROUND
Tutorial: How we learned to love the doc(umentation)
14. Oktober 2024
Just read documentation to get RCE?! Our colleague Theresa designed a tutorial guiding you through an OpenVPN exploit scenario — for you to try at home!
-
DISCLOSURE
Beyond the @ Symbol: Exploiting the Flexibility of Email Addresses For Offensive Purposes
7. Juni 2024
We exploited an unauthenticated command injection within the spam filter appliance MailCleaner that can be triggered through a malicious email address.
-
DISCLOSURE
Multiple Vulnerabilities in Poly VoIP Products
29. Dezember 2023
We uncovered several vulnerabilities allowing an attacker in the network to take over a Poly VoIP device and turn it into a bug hidden in plain sight.
-
COMPANY
12th Anniversary
29. April 2023
Today we celebrate our 12th anniversary.
-
DISCLOSURE
Better Make Sure Your Password Manager Is Secure
19. Dezember 2022
We examined the password management solution Passwordstate of Click Studios and identified multiple high severity vulnerabilities.
-
COMPANY
Ridiculous Vulnerability Disclosure Process with CrowdStrike Falcon Sensor
22. August 2022
We publish a new advisory for a vulnerability in CrowdStrike Falcon Sensor as well as share our thoughts about the ridiculous disclosure process.