Penetration Testing Blog

Gigabyte motherboards backdoor

Backdoor was found in Gigabyte motherboards

As the functionality of BIOS firmware expands, an absence of sound security planning during development can leave vulnerabilities ripe for exploitation by cybercriminals. For instance, Firmware security firm Eclypsium has unearthed a backdoor in...

RaidForums members leaked

Data of 478,000 RaidForums members leaked online

RaidForums, a now-defunct clandestine hacker forum known primarily for its role in data breaches and trading, was a hotbed for hackers routinely engaged in nefarious activities such as ransomware operations. Some members of this...

rpcfirewall

rpcfirewall v2.0.2 releases: Open Source Ransomware Kill Switch Tool

rpcfirewall: Open Source Ransomware Kill Switch Tool Why should I care? RPC is the underlying mechanism which is used for numerous lateral movement techniques, reconnaissance, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack? over RPC. Remote DCOM?...

Web Application Firewall

coraza v3.0 releases: OWASP Coraza Web Application Firewall

OWASP Coraza Web Application Firewall Welcome to OWASP Coraza WAF, Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity’s seclang language and is 100% compatible with OWASP Core Ruleset. Coraza v2...