Introduction I recently researched modern algorithms used by keyfobs to open cars. Since most of the blogs online talking about the topic are unfortunately quite old and in general and do not prec...

By shd Red Team and Magicians… 1.What is Command and Control Command-and-Control (C2) infrastructure is one the most important tools in a red teamer’s arsenal. In this article, we introduce a ...

PRINTNIGHTMARE NETWORK ANALYSIS The infosec community has been busy dissecting the PrintNightmare exploit. There are now variations of the exploit that can have various impacts on a target machine...

SpecterOps recently released an offensive security research paper that details techniques enabling an adversary to abuse insecure functionality in Active Directory Certificate Service. SpecterOps ...

Summary / TL:DR I recently encountered some issues when using Burp Suite Professional which led me to playing around with the Python Scripter extension. The extension allows running custom Python ...

Hello world! At JUMPSEC we’ve managed to get our hands on tickets to what is probably the greatest cyber security event in the calendar, HackFu! In order to be in with a chance of winning you simpl...

Background Recently we posted a bunch of advisories relating to Ivanti Unified Endpoint Manager, a couple of which are for vulnerabilities which can be used to achieve local privilege escalation. ...

Software: Ivanti Endpoint Manager Affected Versions: <= 2020.1.1 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13773 Published: 13/11/2020 CVSS 3.1 Score: 5.5 – AV:N/AC:L/PR:L/UI:R/S:U/C:L...

Software: Ivanti Endpoint Manager Affected Versions: <= 2020.1; <= 2019.1.3 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13769 Published: 13/11/2020 CVSS 3.1 Score: 7.4 – AV:N/AC:L/PR:...

Software: Ivanti Endpoint Manager Affected Versions: <= 2020.1.1 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13772 Published: 13/11/2020 CVSS 3.1 Score: 5.3 – AV:N/AC:L/PR:N/UI:N/S:U/C:L...