Blog

Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

By Ricardo Narvaja on Thu, 09/26/2024

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...

Blog

Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places

Wed, 08/09/2023

Blog

Step One in Your Cybersecurity Journey: Threat Assessment

Wed, 03/16/2022

Blog

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Mon, 08/31/2020

Part 2 of the Improving Your Security-Efficiency Balance Series: One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places

Step One in Your Cybersecurity Journey: Threat Assessment

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Contact Information

Privacy Policy

Cookie Policy

Impressum