Blog Archive

• Compromising Azure cloud through sensitive API permissions
• This is how easy it is to hack a smart home
• DFIR Guide: Best book of the year
• Security Concerns in an Electro-Stimulator Device
• Red Wizard - User friendly, automated infrastructure for Red Team - Part 1
• Timeroasting: Attacking Trust Accounts in Active Directory
• What is social engineering and what can you do about it?
• Secura participates in the REWIRE Research and Innovation Action
• BIO for Municipalities: A Fill-in Exercise or Truly Safe?
• Living-off-the-webpage: Space-efficient Persistent XSS to RCE in FortiADC
• How a Malicious App Has Been Targeting FIFA Qatar Fans
• It's not just about knowledge on cybersecurity, it's also about behavior
• Secura Develops 'BrokenAzure.Cloud', a CTF Tool to Test Azure Cloud Knowledge
• Trilogy ‘Research to the Human Behavior in Cybersecurity’
• TPM Sniffing Attacks Against Non-Bitlocker Targets
• Log4Shell: How does it work and what steps to take?
• Ponemon 2021 State of Industrial Cybersecurity
• IoT products required to meet minimum security standards starting 2024
• OWASP Top 10 - 2021
• iOS Apps on ARM Macs: Pentesting Opportunities | Part II
• iOS Apps on ARM Macs: Pentesting Opportunities
• How Secure is a CIS/AWS Compliant Cloud Environment?
• How Small Vulnerabilities Become a Recipe for Disaster
• Hacking Jenkins to prevent a cloud data breach
• Pentester’s View on “Digital Twins Technology”
• CVE Awards 2020
• Zerologon: Instantly Become Domain Admin by Subverting Netlogon Cryptography (CVE-2020-1472)
• Thousands of Euros Lost to Spoofing
• Yes! Een incident!
• Concealed Information in the Windows Registry
• How do I select a security awareness solution for my business?
• Creating a path through IoT Security with ETSI EN 303 645
• ETSI Releases New EN 303 645 Standard for Consumer IoT
• Severe Citrix Vulnerability Update: Implications and Protection
• How to stay 100% safe online? Let me show you how by hacking your Facebook account!
• Kerberoasting - Exploiting Kerberos to Compromise Microsoft Active Directory
• Taking over Windows Systems with a Netlogon Man-in-the-Middle Attack (CVE-2019-1424)
• IoT Solar Inverters & Trickle-Down Vulnerabilities
• Attacking and mitigating Windows PXE environments
• Own Your Own Home: Home Camera Takeover
• Abusing Bash for Windows (Cygwin, WSL)