Ransomware Actor May Have Leaked Their Previous Victims
Recently we were tasked with investigating a ransomware attack case. We were able to reconstruct the likely attack vector and identify the data that was likely stolen ...
Read MoreArticles
HTTP Header Injection in Citrix ADC and Citrix Gateway (CVE-2020-8300, CVE-2021-22927)
We have discovered a vulnerability in Citrix products (Citrix ADC and Citrix Gateway) that allows an attacker to conduct header injection attacks. This would have ...
Read More
Unpatched Exchange servers distribute phishing links (squirrelwaffle)
Beginning of November a customer reached out to us. Internal and external users reported suspicious mails sent from their mail accounts, which included suspicious ...
Read More
The Invisible JavaScript Backdoor
A few months ago we saw a post on the r/programminghorror subreddit: A developer describes the struggle of identifying a syntax error resulting from an invisible ...
Read More
RCE in GridPro Request Management for Windows Azure Pack (CVE-2021-40371)
We recently discovered a vulnerability in GridPro Request Management versions <=2.0.7905 for Windows Azure Pack by GridPro Software. The vulnerability was ...
Read More
Citrix ADC & Citrix Gateway Vulnerability CVE-2020-8300
Update: Details regarding this vulnerability can be found here: https://certitude.consulting/blog/en/citrix-header-injection-2/ We have identified an issue in ...
Read More
DP API encryption ineffective in Windows containers: Publicly Available Cryptographic Keys (CVE-2021-1645)
We recently discovered a vulnerability in the DP API key management of Windows containers. This vulnerability was assigned CVE-2021-1645 by Microsoft [1] and ...
Read More
CSRF in JSF 2.0: Predicting CSRF Tokens for Apache MyFaces
JavaServer Faces (JSF) is a commonly used server-side web framework. Developers appreciate its relative ease of use while security engineers appreciate its ready-made ...
Read More