Uncategorized

Introduction A Vulnerability Researcher’s Favorite Stress Relief Continuing in our series of research findings involving Netgear1 products,2 this blog post describes a pre-authentication vulnerability in Netgear SOHO Devices that can lead to Remote Code Execution (RCE) as root. While our previous research investigated the Netgear web server and update daemons, the issues described in this blog revolve […]

Introduction If you’re running a big enough network, chances are you have a monitoring server tucked away somewhere, silently watching and waiting to let you know if something goes wrong. This same quiet IT warrior is also a juicy target for attackers because it both houses a large amount of data about your network and also serves

Introduction This blog post details a vulnerability, the exploitation of which results in Remote Code Execution (RCE) as root, that impacts many modern Netgear Small Offices/Home Offices (SOHO) devices. The vulnerability isn’t your typical router vulnerability, in that the source of the vulnerability is located within a third-party component included in the firmware of many

(This is part 2 of a three part series.  To view part 1, click here) Network Configuration This part in the three-part “Geeking Out on IBM i” series focused on network configuration. This series is an effort to make IBM i (AS/400) lingo and concepts easily accessible to the hacker community, hoping to reduce the barrier

I remember the first time I tried to work on Linux.  Having spent most of my computer-time on DOS, Windows, and OS/2, many things on Linux were foreign to me.  I had unix access in college and had to develop programs in C using VI and GCC, but it was often the little things like

Introduction Cleaning your domain clock Sometimes we grow to like the old software we’ve become familiar with over the years, but because as users we only see the facade of an interface and functionality, we don’t know what risks may exist in something as simple as a clock. The bar is high for enterprise software: