The latest cybersecurity research and threat analysis by Safe Security experts. Learn how emerging cybersecurity threats impact your organization and how to tackle them in this series of technical deep-dives. Plus, explore our leading research in cyber risk quantification models, modelling the financial impact of cyber risk, and cyber insurance.
Microsoft Exchange Server-Side Forgery Request (Proxylogin)
This security research article explores how the CVE-2021-26855 vulnerability functions, how it impacts systems and users, and how you can mitigate the risk.
“Dirty Pipe” Linux Local Privilege Esacalation [CVE-2022-0847]
Read this security research blogpost to learn how the CVE-2022-0847 can be exploited using a proof of concept, and how it affects you.
Critical RCE Vulnerability in F5 BIG-IP [CVE-2022-26352]
A research case study on F5’s BIG-IP product critical RCE vulnerability – describing its function, impact, and possible mitigation strategies.
Critical RCE in dotCMS Content Management Software
An in-depth analysis of a critical RCE in the dotCMS Content Management Software. Find out how the vulnerability works and how to manage the risk.
AWS Lambda Command Injection
Explore how an attack can be performed using a command injection vulnerability in AWS' Lambda Functions, and the steps you can take to prevent it.
PwnKit: Local Privilege Escalation Vulnerability
PwnKit: Discover the exploitation techniques used by attackers for this vulnerability, and how your team can mitigate the risk.
Exploitation of Spring4shell in the Wild
Spring4Shell is a vulnerability of critical severity affecting Java’s most popular framework, Spring.
WordPress LiteSpeed Cache Vulnerability [CVE-2020-29172]
Learn more about this cross-site scripting attack affecting Wordpress, plus how you can replicate an XSS attack in a controlled environment and how to mitigate the risk.
Microsoft MSHTML Remote Code Execution [CVE-2021-40444]
Find out more about RCE attacks on MSHTML, how they work, and how you can prevent them.
PrintNightmare Vulnerability [CVE 2021-1675 & CVE-2021-34527]
This research article takes a look at a Printer vulnerability, PrintNightmare, a local privilege escalation vulnerability found in the Windows Print spooler function.
Vulnerabilities in Apache HTTP Server [CVE 2021-42013]
Explore recent Apache HTTP Server vulnerabilities that lead to attacks such as Path Traversal and Remote Code Execution.
OWASP Top 10 Web Application Security Threats and Standards
Gain an in-depth understanding of critical web application vulnerabilities mapped in the OWASP Top 10, OWASP ASVS, WASC, and SANS CWE 25.
Polkit Authentication Bypass Local Privesc Vulnerability
Understand how the authentication bypass vulnerability found in polkit is exploited, and how your team can prevent attackers from leveraging it against you.
CurveBall - CryptoAPI Spoofing Vulnerability [CVE-2020-0601]
This paper aims to explain CVE-2020-0601, aka CurveBall, a web browser vulnerability in which the signature of certificates is not correctly verified.
HiveNightmare aka Serious SAM [CVE 2021-36934]
HiveNightmare / SeriousSAM is a zero-day privilege escalation that takes advantage of overly permissive access control lists. Find out to fix this.
Android 11 PIP Vulnerability
A deep-dive into the Picture-in-Picture (PIP) vulnerability affecting devices running Android 11, plus steps to identify and mitigate it.
Detecting and Protecting your Smartphone from Pegasus Spyware
Pegasus spyware has been deployed as a surveillance tactic against global leaders and activists. Explore it in more detail and how you can protect against it.
XML External Entity Injection via MP3 File Upload on WordPress
Learn more about this XXE attack affecting Wordpress instances. Find out how it's used to access your sensitive data and how to manage the risk.
Spoofing Downloaded Filename’s Extension in Chromium
We take a closer look at spoofing within Chromium browsers and the steps you can take to reduce the risk of CVE 2021-21123.
Android Vulnerability in ES File Explorer
Explore manual exploitation of ES File explorer – a vulnerability allowing attackers on the same network to execute apps and access sensitive data.
CMS Made Simple Exploit Explained [CVE-2020-10682]
This article explains how the MySQL service exploitation works, its scope of impact, and mitigation recommendations to prevent such attacks.
Chrome Browser FileReader (UAF) Vulnerability
Gain insight into how the Chrome Browser FileReader (UAF) Vulnerability works and learn techniques to prevent it.
Heap-Based Overflow Vulnerability in Sudo [CVE 2021-3156]
This paper explores Unix-like systems which are vulnerable to heap-based buffer overflow attacks, aka the Sudo vulnerability.
Ubuntu OverlayFS Local Privesc Vulnerability
Read this blogpost to learn the lab setup required to demonstrate the OverlayFS exploitation, plus mitigation strategies for various versions of Ubunto.
Windows Win32k Elevation of Privilege Vulnerability
This security article explains where the Win32k Elevation bug exists, why it is important, and how you can plan its mitigation.
Heartbleed Attack - What it is and How Does it Work?
All you need to know about the Heartbleed attack – from what it is, to how it works, to the steps you can take to manage the risk.
Blind SSRF with Shellshock Exploitation
Learn about the different types of blind Server Side Request Forgery (SSRF) attacks and how you can manage them.
A Beginners Guide to Linux Firewall
A guide to securing your network using Linux firewalls. Learn how to configure UFWs and protect your systems from a variety of attacks.
Injection Attacks Analysis: SQL Injection, Host Header, and more
Learn everything you need to know about injection attacks, such as Host Header Injections, SQL Injections, SMTP Injections, and more.
Introduction to Insecure Deserialization
OWASP Top Ten - A Guide to Insecure Deserialization: What it is, why it's important, how to identify it, and how to mitigate it to protect your website.
A Hands-on Approach to Linux Privilege Escalation
Discover the variety of techniques that pentesters can use to achieve privilege escalation and gain access to higher roles in Linux-based systems.
Deep Insight into Social Engineering
Explore the impact of social engineering and how cyber risk quantification can help you manage the risk from your workforce.
Understanding and Exploiting Zerologon
This research paper explains the detailed working of the Zerologon vulnerability. Learn about Netlogon and the different vulnerabilities in this protocol.
Apache Ghostcat CVE 2020-1938
Gain insight into Tomcat AJP connectors. Understand how the Ghostcat vulnerability can be detected and managed in your environment.
SMBGhost CVE 2020-0796
A write-up on the SMBGhost vulnerability found in Windows 10 systems, including how it works, where to find it, and mitigations to help prevent exploitation.