Bishop FoxJun 15, 2023
We are committed to sharing cutting-edge technical insights into the ever-evolving landscape of emerging #threats, while highlighting security issues that may pose a significant risk to your organization. Mark your calendars for June 29th for Episode 3 of our ongoing #WhatTheVuln #BFLive series; this time, we’re diving deep into some #vulnerabilities our team came up against in Q2 as well as an exclusive exploration of a #Fortinet #exploit. https://bfx.social/43xkEfp
Episode 3 of the What the Vuln Series: Quarterly Roundup Q2 2023

Watch the third episode of our What the Vuln technical series to hear about the most intriguing vulnerabilities in Q2 2023 and how we hacked them.

Bishop Fox
Bishop FoxJun 10, 2023

Announcing Episode 3 of #WhatTheVuln! This episode of our technical #livestream series is dedicated to Q2 #vulnerabilities & the cutting-edge #techniques our team created to #exploit them. Hosted by Jon Williams + Ben Lincoln, we hope to see you June 29!

https://bfx.social/43xkEfp #BFLive

Episode 3 of the What the Vuln Series: Quarterly Roundup Q2 2023

Watch the third episode of our What the Vuln technical series to hear about the most intriguing vulnerabilities in Q2 2023 and how we hacked them.

Bishop Fox
Bishop FoxApr 18, 2023

On Episode 2 of our technical #livestream series #WhatTheVuln, Lindsay Von Tish discussed a technique for bypassing #EDR via #LoLBins. In this blog post, she goes into detail about the technique including how she initially discovered it.

Give it a read today!
https://bfx.social/3Gn3Fmw #infosec

EDR Bypass with LoLBins

In Episode 2 of our What the Vuln series, Lindsay Von Tish shares her knowledge on endpoint detection and response (EDR) bypass techniques with LoLBins.

Bishop Fox
Bishop FoxApr 7, 2023

On Episode 2 of our technical #livestream series #WhatTheVuln, Lindsay Von Tish discussed a technique for bypassing #EDR via LoLBins. In this blog post, she goes into detail about the technique including how she initially discovered it.

Give it a read today! https://bfx.social/3Gn3Fmw #infosec #hacking

EDR Bypass with LoLBins

In Episode 2 of our What the Vuln series, Lindsay Von Tish shares her knowledge on endpoint detection and response (EDR) bypass techniques with LoLBins.

Bishop Fox
Bishop FoxMar 23, 2023

Now that you’ve seen #WhatTheVuln Episode 2 featuring Lindsay Von Tish and Allan Cecil, check out the corresponding technical write-up where you can take a deep dive into how to use #LoLBins to bypass #EDR protection and install a #C2 agent for advanced #postexploitation control.

And don’t fret if you missed the initial livestream – you can watch the recording on demand! https://bfx.social/3K4T1mS


P.S. Episode 3 is on the way!

EDR Bypass with LoLBins

In Episode 2 of our What the Vuln series, Lindsay Von Tish shares her knowledge on endpoint detection and response (EDR) bypass techniques with LoLBins.

Bishop Fox
Bishop FoxMar 22, 2023

Catch Lindsay Von Tish tomorrow as she explains #WhatTheVuln! Allan Cecil will interview her on the details of an #EDR bypass she performed with native Windows binaries (#LoLBins) to install a #C2 agent in a simulated post-exploitation attack scenario.

Watch the #livestream at our LinkedIn or on our YouTube channel! https://bfx.social/3Km1YIK

What the Vuln Episode 2: EDR Bypass with LoLBins

Our What the Vuln second episode explores how to bypass EDR with native Windows binaries (LoLBins) to gain advanced post-exploitation control. Register!

Bishop Fox
Bishop FoxMar 13, 2023

“Zimbra Collaboration Suite Network Edition includes functionality that allows customers to receive a ZIP archive and extract its contents to an arbitrary location on the host due to the path traversal #vulnerability. This could be leveraged by #hackers to achieve #remotecodeexecution on the target system. Note that the open-source edition is not affected. While the path traversal vulnerability was first published last year, it has gained more traction, especially since working #exploits have been published lately to achieve remote code execution.”

Read more in our #WhattheVuln write-up: https://bfx.social/3lUL75U #RCE

What the Vuln: Zimbra

What the Vuln is a series where our offensive security experts and hackers deep dive and zero-in on one specific vulnerability that plagues organizations.

Bishop Fox
Bishop FoxFeb 21, 2023

If you caught today's #WhattheVuln episode featuring Carlos Yanez discussing Zimbra #security, be sure to check out his write-up on the topic, too! https://bfx.social/3lUL75U

Next month we're back with Lindsay Von Tish and Allan Cecil to talk about #EDR bypassing with #LoLBins.

What the Vuln: Zimbra

What the Vuln is a series where our offensive security experts and hackers deep dive and zero-in on one specific vulnerability that plagues organizations.

Bishop Fox
Bishop FoxFeb 17, 2023

In the inaugural episode of our #WhattheVuln series, Carlos Yanez zeros in on CVE-2022-37042 and #CVE-2022-27925, exploring the perils of #RCE on web-based communications technology.

Watch along on our livestream on February 21st! https://bfx.social/3jjgFkK

What the Vuln: Zimbra Zip Path Traversal vulnerability

Watch the first episode of this What the Vuln series to see Bishop Fox examine Zimbra Zip Path Traversal vulnerability, CVE-2022-37042, and CVE-2022-27925.

Bishop Fox