Penetration Testing Blog

circumventing EDR

Bypass EDR Detection with CrimsonEDR

CrimsonEDR CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response (EDR). By leveraging diverse detection methods, it empowers users to...

RansomHouse ransomware

Double Trouble: RansomHouse’s Extortion Tactics Revealed

The RansomHouse ransomware group exemplifies the sophisticated, profitable, and adaptable nature of modern cyber extortion campaigns. Emerging in late 2021, their operations blend technical efficiency with psychological pressure, maximizing their potential takings. RansomHouse’s double...

CVE-2024-22245 and CVE-2024-22250

CVE-2024-22245 & 22250: VMware Vulnerabilities Demand Immediate Action

VMware has released an urgent security advisory regarding two critical vulnerabilities within its now-deprecated Enhanced Authentication Plug-in (EAP). If left unaddressed, threat actors could exploit these flaws (CVE-2024-22245 and CVE-2024-22250) to hijack user sessions and...