Author: Panagiotis Papaioannou

CVE Farming through Software Center – A group effort to flush out zero-day privilege escalations

Intro In this blog post we discuss a zero-day topic for finding privilege escalation vulnerabilities discovered by Ahmad Mahfouz. It abuses applications like Software Center, which are typically used in large-scale environments for automated software deployment performed on demand by regular (i.e. unprivileged) users. Since the topic resulted in a possible attack surface across many … Continue reading CVE Farming through Software Center – A group effort to flush out zero-day privilege escalations

Vulnerability Management in a nutshell

Introduction Vulnerability Management plays an important role in an organization's line of defense. However, setting up a Vulnerability Management process can be very time consuming. This blogpost will briefly cover the core principles of Vulnerability Management and how it can help protect your organization against threats and adversaries looking to abuse weaknesses. What is Vulnerability … Continue reading Vulnerability Management in a nutshell

Smart Home Devices: assets or liabilities? – Part 3: Looking at the future

This blog post is the last part of a series, if you are interested in the security or privacy of smart home devices, be sure to check out the other parts as well! TL;DR: In our previous blog posts we concluded that there is quite a long way to go for both security and privacy … Continue reading Smart Home Devices: assets or liabilities? – Part 3: Looking at the future

Smart Home Devices: assets or liabilities? – Part 2: Privacy

TL;DR - Part two of this trilogy of blog posts will tackle the next big topic when it comes to smart home devices: privacy. Are these devices doubling as the ultimate data collection tool, and are we unwittingly providing the manufacturers with all of our private data? Find out in this blog post! This blog … Continue reading Smart Home Devices: assets or liabilities? – Part 2: Privacy