/ Orange Cyberdefense Switzerland's technical blog Tue, 20 May 2025 09:26:15 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 /wp-content/uploads/2024/10/cropped-favicon-32x32-1-32x32.png / 32 32 /2025/05/20/hijacking-the-windows-marebackup-scheduled-task-for-privilege-escalation/ Tue, 20 May 2025 09:26:14 +0000 /?p=7033 Continue reading Hijacking the Windows “MareBackup” Scheduled Task for Privilege Escalation]]> /2024/11/25/arbitrary-web-root-file-read-in-sitecore-before-v10-4-0-rev-010422/ Mon, 25 Nov 2024 13:34:08 +0000 /?p=5725 Continue reading Arbitrary web root file read in Sitecore before v10.4.0 rev. 010422]]> /2024/11/11/exploiting-ksecdd-through-server-silos/ Mon, 11 Nov 2024 13:13:58 +0000 /?p=5731 Continue reading Exploiting KsecDD through Server Silos]]> /2024/09/10/getting-code-execution-on-veeam-through-cve-2023-27532/ Tue, 10 Sep 2024 13:32:28 +0000 /?p=4313 Continue reading Getting code execution on Veeam through CVE-2023-27532]]> /2024/09/02/ghost-in-the-ppl-part-3-lsass-memory-dump/ Mon, 02 Sep 2024 14:06:18 +0000 /?p=5136 Continue reading Ghost in the PPL Part 3: LSASS Memory Dump]]> /2024/08/15/ghost-in-the-ppl-part-2-from-byovdll-to-arbitrary-code-execution-in-lsass/ Thu, 15 Aug 2024 09:46:21 +0000 /?p=5133 Continue reading Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS]]> /2024/08/09/ghost-in-the-ppl-part-1-byovdll/ Fri, 09 Aug 2024 07:37:19 +0000 /?p=5052 Continue reading Ghost in the PPL Part 1: BYOVDLL]]> /2023/05/01/solr-rce-from-exposed-administration-interface/ Mon, 01 May 2023 07:41:54 +0000 /?p=2803 Continue reading Apache Solr 8.3.1 RCE from exposed administration interface]]> /2023/03/29/attacking-android-antivirus-applications/ Wed, 29 Mar 2023 12:43:00 +0000 /?p=3848 Continue reading Attacking Android Antivirus Applications]]> /2023/03/17/bypassing-ppl-in-userland-again/ Fri, 17 Mar 2023 15:54:34 +0000 /?p=4008 Continue reading Bypassing PPL in Userland (again)]]>