Zach Hanley
Filter Content:
Categories:
Tags:
February 19, 2025 | Attack Blogs, Disclosures
Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.October 9, 2024 | Attack Blogs, Disclosures
On July 10, 2024, Palo Alto released a security advisory for CVE-2024-5910, a vulnerability which allowed attackers to remotely reset…September 25, 2024 | Attack Blogs, Disclosures
On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code…September 16, 2024 | Attack Blogs
On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it's Cloud Service Appliance (CSA)…May 28, 2024 | Attack Blogs, Disclosures
In November of 2023, preparing for a call for papers, I attempted to investigate the FortiSIEM patch for CVE-2023-34992. I…May 20, 2024 | Attack Blogs, Disclosures
In early 2023, given some early success in auditing Fortinet appliances, I continued the effort and landed upon the Fortinet…March 14, 2024 | Attack Blogs, Disclosures
Early in 2023, soon after reproducing a remote code execution vulnerability for the Fortinet FortiNAC, I was on the hunt…March 6, 2024 | Attack Blogs
On February 27, 2024, Progress released a security advisory for OpenEdge, their application development and deployment platform suite. The advisory…February 6, 2024 | Attack Blogs
Introduction Memory safety issues have plagued the software industry for decades. The Cybersecurity & Infrastructure Security Agency (CISA) has been…January 23, 2024 | Attack Blogs
On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass…