XM Cyber Advisory – Spring4Shell, Zero Day
Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability…
Blog
New Privilege Escalation Techniques are Compromising your Google Cloud Platform
In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand…
Blog
Go beyond Log4Shell and see the entire attack path with XM Cyber
We know you’re working tirelessly to get ahead of the log4j vulnerability. Here at XM Cyber, we can help you…
Videos
Go Beyond Log4Shell and See the Entire Attack Path
We understand the facts: The most common open-source library (Java) has already been identified with 3 CVEs and counting, with…
Blog
XM Cyber Advisory – Log4Shell, CVE-2021-44228
Overview Last Thursday, December 9, the Log4Shell vulnerability, CVE-2021-44228 (CVSS score 10), was discovered. This remote code execution (RCE) vulnerability…
CVE Advisory
XMGoat – An Open Source Pentesting Tool for Azure
Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security…
Blog
Privilege Escalation and Lateral Movement on Azure – Part 2
Overview This is the second part of XM Cyber series about privilege escalation and lateral movement on Microsoft Azure. Some…
Blog
Privilege Escalation and Lateral Movement on Azure – Part 1
Overview XM Cyber features integrated support for Microsoft Azure. This support addresses attack techniques from on-premises environments to Azure cloud…
Blog
See XM Cyber In Action
