Vulnerability

Entries with this tag address the finding, existence or (sometimes controlled) exploitation of specific security flaws or misconfigurations in systems.

Photo by sebastiaan stam on Unsplash

January 12, 2023

Carlos Bello


Injecting JS into one site is harmful, into all, lethal

In this blog post, we present in detail a vulnerability we discovered in Rushbet v2022.23.1-b490616d, along with the steps to follow to replicate the exploit.

Photo by Nahel Abdul Hadi on Unsplash

November 23, 2022

Carlos Bello


So it's the app itself that delivers the cookie to me?

In this blog post, I present in detail a zero-day vulnerability I discovered in KAYAK v161.1, along with the steps to follow to replicate the exploit.

Photo by Axel Ruffini on Unsplash

September 6, 2022

Andres Roldan


A Black Hat talk follow up

We will take a brief understanding at DirectX, a new attack surface on Hyper-V

Photo by Lucrezia Carnelos on Unsplash

June 13, 2022

Felipe Ruiz


Chances are you're vulnerable with Microsoft Office

In this blog post, you can learn what Follina is, how it works, what cyberattacks are linked to it and what you can do as prevention measures.

Photo by Lenny Kuhne on Unsplash

May 28, 2022

Andres Roldan


Cross-process memory patching with Python

We will take AMSI bypass to another level by using cross-process memory injection.

Photo by Alexander Aguero on Unsplash

April 27, 2022

Felipe Ruiz


Conti gang relentlessly lashes their vulnerable systems

It's been almost two weeks since the beginning of the Conti gang's new wave of cyberattacks against Costa Rican organizations. Find out here what has happened.

Photo by Chris Briggs on Unsplash

April 20, 2022

Felipe Ruiz


Three strikes already for this web browser in 2022

In this blog post, you can learn about three zero-day vulnerabilities of at least high severity in Google Chrome that have been exploited this year.

Photo by Bank Phrom on Unsplash

April 18, 2022

Jason Chavarría


What you should know about our security advisories

In this blog post we explain what our Advisories are and, in the process, share some information on how the Fluid Attacks Research Team works.

Photo by Bruno Kelzer on Unsplash

April 11, 2022

Felipe Ruiz


A very brief introduction

Our blog needed a basic post about ethical hacking. It can be helpful as an introduction for those who don't know and want to learn about it.

Start your 21-day free trial

Discover benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial