On March 30th, 2022, the leader of the KnownSec 404 team has announced, via Twitter, that his team found a Remote Code Execution (RCE) in the Spring Core framework. In the wild, there are a few similar RCEs in Spring, but we will focus only on CVE-20
Launched under European Defence Industrial Development Programme in December 2021, the project “Cyber Rapid Response Toolbox for Defence Use” (CYBER4DE) takes on the challenge to develop an easily deployable, modular, and scalable cyber r
Infigo IS, like the rest of the world, is following the development of the situation in Ukraine with apprehension. War is always a terrible loss for everyone involved, something no one should experience, and hopefully, the situation will stabilize as
From day one, Infigo IS has been dedicated to security, whether it is security assessment, consulting, application development such as Infigo SIEM, or entering the MSSP arena. And in those more than 15 years, user data has always been our number one
Researchers from Qualys today published an advisory about a local privilege escalation vulnerability in the pkexec tool, that is installed as part of the Polkit (formerly PolicyKit) package.This package is used for controlling system-wide privi
A popular Apache log4j library, which is almost everywhere today, in servers run by Apple, Twitter, Valve, Cloudflare, basically anything that has Java in it (over 3 billion devices), suffered a critical zero-day vulnerability – vulnerability i