Recent News

CVE-2016-8919 – IBM WebSphere deserialization of untrusted data

IBM WebSphere deserialization of untrusted data: http://lab.mediaservice.net/advisory/2016-03-websphere.txt [crayon-5f66fe469c389495128638/]  

CVE-2016-7065 – Red Hat JBoss EAP deserialization of untrusted data

Red Hat JBoss EAP deserialization of untrusted data Advisory URL: http://lab.mediaservice.net/advisory/2016-05-jboss.txt [crayon-5f66fe469c9d5777673254/]  

Exploiting OGNL Injection

Recently during a penetration test Burp Suite reported a “Expression Language Injection” issue. Burp Suite…

Penetration testing on mobile applications – The hard way

In this period, I spend a huge portion of my working time doing penetration test…

CVE-2016-5983 – IBM WebSphere deserialization of untrusted data

IBM WebSphere deserialization of untrusted data Advisory url: http://lab.mediaservice.net/advisory/2016-02-websphere.txt [crayon-5f66fe469cfae840804943/]

McAfee VirusScan Enterprise security restrictions bypass

McAfee VirusScan Enterprise security restrictions bypass Advisory URL: http://lab.mediaservice.net/advisory/2016-01-mcafee.txt   [crayon-5f66fe469d2ef603670919/]  

Easy authorization checks with Autorize

Recently I became one of the authors of one of the most useful (in my opinion)…

Bypassing RFID HID Corporate 1000 physical access control system: improving the firmware of Proxmark III

Bypassing RFID HID Corporate 1000 physical access control system: improving the firmware of Proxmark III…

• «
• 1
• …
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• 10
• »