Close

Cobalt Strike C&C and Freeworld Ransomware Doing the Rounds on Unsecured MSSQL Instances

A deadly combination, with bad actors currently targeting badly maintained/secured instances of Microsoft SQL Server (MSSQL), of which there are many in the wild. Freeworld, like most ransomware’s it is designed to encrypt a user’s files to deny them access and asks for payment in order to restore. Files are appended with “.FreeWorldEncryption“. Contact details…

Burp or OWASP Zap? Pros and Cons

Introduction Web application security is of paramount importance in today’s digital landscape, with cyber threats becoming increasingly sophisticated. To safeguard sensitive data and maintain the trust of users, developers and security professionals need effective tools for identifying and mitigating vulnerabilities. In this blog post, we’ll introduce two popular web application security testing tools for beginners:…

The log4j Question

What was it? The Log4j flaw refers to a critical security vulnerability in the Apache Log4j library, which is a widely used Java-based logging utility. The vulnerability, officially designated as CVE-2021-44228, was discovered in December 2021. It allowed attackers to execute arbitrary code remotely by exploiting the way Log4j processed user-supplied data that included specially…