Start now

Incidense response team

All the articles where the Incident Response share whatever they learned from the incidents they managed and from the interactions with the CERT.

Ransomware 101: How to Prevent, Detect, and Respond to a ransomware attack

Ransomware 101: How to Prevent, Detect, and Respond to a ransomware attack

As organizations digitalize, increased technological dependence requires them to embrace cybersecurity as a strategic pillar.

Testlink 1.9.20: Unrestricted file upload and SQL injection

Testlink 1.9.20: Unrestricted file upload and SQL injection

Testlink is an open source, web based test management and test execution system written in PHP (a scripting language also known as an Hypertext Preprocessor).

The rise of Emotet

The rise of Emotet

Emotet is a multipurpose malware which is mainly distributed through spam mails. It was first spotted in 2014 and was designed to steal bank account details.

Execution – Powershell (T1086)

Execution – Powershell (T1086)

Powershell is a commandline interface (CLI) with command and scripting capabilities. Its main targets are System Administrators to automate task and control it.

Initial Access – Drive-by Compromise (T1189)

Initial Access – Drive-by Compromise (T1189)

This post is the first of a series of posts that will provide a better understanding about the techniques used by adversaries to reach their tactical objectives.

In-depth Freemarker Template Injection

In-depth Freemarker Template Injection

During a recent engagement, our AppSec team faced an interesting instance of limited Server Side Template Injection in Freemarker.

An unusual case of Client SQL Injection

An unusual case of Client SQL Injection

It is widely known how dangerous using unsanitized data in SQL queries can be.

Recovering SQLCipher encrypted data with Frida

Recovering SQLCipher encrypted data with Frida

Our AppSec team has faced the SQLCipher library during some recent security audits of mobile applications. According to their GitHub README: