Today was an eventful day thanks to many interesting blog posts, e.g. from my friends at watchTowr. So I thought, why not publish a small quick-and-dirty blog post myself about a story from last week? This blog post may not be of the usual quality, but it was a good time to write it.| Frycos Security Diary
What is this product GFI MailEssentials all about? We’re living the future, right? So let’s ask the GFI AI.| Frycos Security Diary
Microsoft Dynamics 365 Business Central (formerly Microsoft Dynamics NAV) – ERP and CRM software-as-a-service product meant for small and mid-sized businesses.| Frycos Security Diary
Tableau Server - Governed self-service analytics at scale| Frycos Security Diary
FortiNAC is a zero-trust access solution that oversees and protects all digital assets connected to the enterprise network, covering devices from IT, IoT, OT/ICS to IoMT. – https://www.fortinet.com/products/network-access-control| Frycos Security Diary
Storyline| Frycos Security Diary
GANZ Security AI Box: A New Generation AI-Based Intelligent Video Analytics Solution - The intelligent extension for almost every camera system. Thanks to the numerous algorithms for deep learning and analysis with which it is equipped, the AI-BOX is able to recognize the detected objects precisely and immediately and classify them: People, vehicles, motorcycles, bicycles…| Frycos Security Diary
Recently, I did a non-exhaustive security product review on a Document Generator Engine, named Docmosis. A system I targeted used Docmosis Tornado in its latest version 2.9.4. I’ll give you a walkthrough based on my local lab installation with a Proof-of-Concept exploitation on an on-premises system belonging to a specialized agency of the United Nations.| Frycos Security Diary
Update 2023-10-10: After a year, Microsoft decided to provide a patch for this - CVE-2023-41763| Frycos Security Diary
In this blog post I’ll introduce the first of two findings affecting the latest patched version of Skype for Business 2019. Here, we talk about a tool for Red Teams helping to achieve persistence on a Skype server with help of a (hopefully) new method.| Frycos Security Diary
Déjà-vu| Frycos Security Diary
This write-up won’t be an intense discussion on security code review techniques this time. We’ll simply let do all the hard work by a third party: CodeQL.| Frycos Security Diary