Vonahi Security's Blog
  • Vonahi Security Home
  • Blog
  • Weekly Threat Reports

research

A collection of 9 posts

What’s in a (re)name: RCE Hunting in CMSs via Unrestricted File Upload
research

What’s in a (re)name: RCE Hunting in CMSs via Unrestricted File Upload

Earlier this year, our threat researcher found three easily exploitable vulnerabilities in CMS apps, including two that could result in remote code execution (RCE). This article combines write-ups for these vulnerabilities.

  • Erik Wynter
    Erik Wynter
11 min read
When the PATH to SYSTEM is wide open: Philips SmartControl DLL hijacking (CVE-2020-7360)
research

When the PATH to SYSTEM is wide open: Philips SmartControl DLL hijacking (CVE-2020-7360)

Earlier this year our threat researcher found a DLL hijacking flaw affecting Philips SmartControl (CVE-2020-7360). Our latest blog post combines a write-up of this vulnerability with a general introduction to DLL hijacking for infosec students.

  • Erik Wynter
    Erik Wynter
14 min read
2019/2020: A Few Cybersecurity Reflections and Predictions
research

2019/2020: A Few Cybersecurity Reflections and Predictions

Reflections on a few major cybersecurity developments of 2019, and on how these will shape the industry in 2020.

  • Erik Wynter
    Erik Wynter
3 min read
13 Freaky Infosec Facts
research

13 Freaky Infosec Facts

13 freaky infosec facts that show how freaky and deadly technology can get.

  • Alton Johnson
    Alton Johnson
  • Erik Wynter
    Erik Wynter
5 min read
What You Don't Know Can Most Certainly Hurt You: The Importance of Phishing Assessments
research

What You Don't Know Can Most Certainly Hurt You: The Importance of Phishing Assessments

Not knowing how susceptible your employees are could be a huge opportunity for attackers.

  • Erik Wynter
    Erik Wynter
5 min read
How to prevent a catastrophic cyberattack like the City of Baltimore ransomware disaster
research

How to prevent a catastrophic cyberattack like the City of Baltimore ransomware disaster

Learn more details about the cyber attack against the City of Baltimore and how to avoid being the next victim.

  • Erik Wynter
    Erik Wynter
6 min read
Equifax Data Breach's Impact on Search Trends
research

Equifax Data Breach's Impact on Search Trends

Is the Equifax data breach the only one people care about? Let's take a look.

  • Erik Wynter
    Erik Wynter
10 min read
Web Applications Are Becoming Increasingly Insecure
research

Web Applications Are Becoming Increasingly Insecure

As more services move their services to web apps, the exposure to a data breach increases. Let's discuss some issues and solutions.

  • Erik Wynter
    Erik Wynter
5 min read
Cybercriminals are still targeting RDP services
research

Cybercriminals are still targeting RDP services

Unnecessary public-facing services is a common issue that many organizations face. Learn more about how these services, such as RDP, could pose a threat.

  • Alton Johnson
    Alton Johnson
3 min read
Vonahi Security's Blog © 2023
Latest Posts Facebook Twitter LinkedIn GitHub