Skip to content

CVE

Unveiling SSL / TLS Vulnerabilities: A Red Teamer's Guide to Exploiting Weaknesses with SSLScan and TestSSL

Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that ensure secure communication over the internet. They provide data encryption, authentication, and integrity verification to protect sensitive information transmitted between a user’s web browser and a website, or between servers. This security is crucial for online transactions, sensitive data exchange,… Read More »Unveiling SSL/TLS Vulnerabilities: A Red Teamer’s Guide To Exploiting Weaknesses With SSLScan And TestSSL

Critical CVEs And Active Threats This Week (November 13th – 17th)

This week from November 13 to November 17, Firecompass research identified a huge number of CVEs that are high in severity and ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are of popular commercial products used by variants of industries and somenew & well known malwares targeting industries for this week.… Read More »Critical CVEs And Active Threats This Week (November 13th – 17th)

How do attackers utilize .git

How Do Attackers Utilize .git For Fun And Profit?

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?

Critical CVEs And Active Threats

Critical CVEs And Active Threats This Week (November 6-10, 2023)

This week from November 6 to November 10, FireCompass research identified a huge number of CVEs that are high in severity and ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are of popular commercial products used by variants of industries and some new & well known malwares targeting industries for this… Read More »Critical CVEs And Active Threats This Week (November 6-10, 2023)

New Critical CVE Alert- August2023

Critical CVEs and Active Threats This week (October 30 – November 3, 2023)

This week from October 30 to November 3, FireCompass research identified a significantly high number of CVEs that are High in severity and can be attributed to ransomware, botnets, and other threat actors groups which are creating significant impact. In this blog, we will share the important CVEs discovered this week as well as a… Read More »Critical CVEs and Active Threats This week (October 30 – November 3, 2023)