/ Orange Cyberdefense Switzerland's technical blog Mon, 02 Feb 2026 13:30:52 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 /wp-content/uploads/2024/10/cropped-favicon-32x32-1-32x32.png / 32 32 /2025/08/25/blinding-edrs-a-deep-dive-into-wfp-manipulation/ Mon, 25 Aug 2025 08:22:56 +0000 /?p=7176 Continue reading Blinding EDRs: A deep dive into WFP manipulation]]> /2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/ Wed, 04 Jun 2025 09:36:07 +0000 /?p=6642 Continue reading SonicDoor – Cracking SonicWall’s SMA 500]]> /2024/12/13/understanding-azure-container-registry-permissions-a-security-concern/ Fri, 13 Dec 2024 08:27:13 +0000 /?p=6672 Continue reading The effect of granting Azure Reader role on Azure Container Registry instances]]> /2024/12/05/attacking-cortex-xdr-from-an-unprivileged-user-perspective/ Thu, 05 Dec 2024 12:49:41 +0000 /?p=6405 Continue reading Attacking Cortex XDR from an unprivileged user perspective]]> /2024/11/25/arbitrary-web-root-file-read-in-sitecore-before-v10-4-0-rev-010422/ Mon, 25 Nov 2024 13:34:08 +0000 /?p=5725 Continue reading Arbitrary web root file read in Sitecore before v10.4.0 rev. 010422]]> /2024/11/11/exploiting-ksecdd-through-server-silos/ Mon, 11 Nov 2024 13:13:58 +0000 /?p=5731 Continue reading Exploiting KsecDD through Server Silos]]> /2024/10/28/privilege-escalation-through-tpm-sniffing-when-bitlocker-pin-is-enabled/ Mon, 28 Oct 2024 08:45:51 +0000 /?p=6045 Continue reading Privilege escalation through TPM Sniffing when BitLocker PIN is enabled]]> /2024/09/02/ghost-in-the-ppl-part-3-lsass-memory-dump/ Mon, 02 Sep 2024 14:06:18 +0000 /?p=5136 Continue reading Ghost in the PPL Part 3: LSASS Memory Dump]]> /2024/08/15/ghost-in-the-ppl-part-2-from-byovdll-to-arbitrary-code-execution-in-lsass/ Thu, 15 Aug 2024 09:46:21 +0000 /?p=5133 Continue reading Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS]]> /2024/08/09/ghost-in-the-ppl-part-1-byovdll/ Fri, 09 Aug 2024 07:37:19 +0000 /?p=5052 Continue reading Ghost in the PPL Part 1: BYOVDLL]]>