Blog

Advisory: CVE-2024-55957

Advisory: CVE-2024-55957

07 February 2025

Local Privilege Escalation Vulnerability in Thermo Scientific™ Xcalibur™ and Foundation software.

Using SYN port scans with source IP spoofing for offensive deception

Using SYN port scans with source IP spoofing for offensive deception

08 January 2025

Deliberately triggering service enumeration alerts for offensive deception.

Windows - Data Protection API Revisited

Windows - Data Protection API Revisited

26 November 2024

Chromium changes related to the DPAPI.

Revisiting MiniFilter Abuse Techniques to Blind EDR

Revisiting MiniFilter Abuse Techniques to Blind EDR

18 September 2024

Revisiting minifilter abuse techniqes to blinding EDR.

Effective EDR Telemetry Blocking via Person-in-the-Middle Network Filtering Attacks

Effective EDR Telemetry Blocking via Person-in-the-Middle Network Filtering Attacks

23 July 2024

Blocking EDR telemetry via PitM network filtering attacks

Microsoft Entra Connect: Connect Sync vs Cloud Sync through a hacker's view

Microsoft Entra Connect: Connect Sync vs Cloud Sync through a hacker's view

21 May 2024

The distinction between traditional Connect Sync and the new Cloud Sync lies in the shifting TTPs from a hacker's perspective.

Older Posts →

Contact

Get in touch

Email:

contact@tierzerosecurity.co.nz

Book a meeting with the team:

Schedule a time