Oracle PeopleSoft Zero-Day Vulnerability Exploitation (CVE-2026-35273)

Introduction: Enterprise Resource Planning (ERP) systems store an organization’s most sensitive financial, operational, and personal data, making them prime targets for sophisticated cyber threat actors looking to maximize their leverage. On June 10, 2026, Oracle released an urgent, out-of-band security alert addressing CVE-2026-35273—a critical remote code execution (RCE) vulnerability actively exploited as a zero-day within the Oracle PeopleSoft PeopleTools component. Attributed to the advanced persistent threat group UNC6240 (which has

CVE-2026-20230: Unauthenticated Critical SSRF and Root Privilege Escalation on Cisco

Introduction: Enterprise voice and video communication infrastructures rely heavily on Cisco Unified Communications Manager (Unified CM / CUCM) as a core asset within modern corporate network architectures. Because these unified communications platforms handle sensitive proprietary data, orchestrate internal routing, and connect disparate branch offices, they represent highly attractive targets for sophisticated threat actors looking to establish a persistent foothold. Disclosed by Cisco PSIRT in

CVE-2026-33825 (BlueHammer) – Microsoft Defender Privilege Escalation Vulnerability

Introduction: To achieve the highest level of privileges within an operating system, cyber threat actors frequently target the OS kernel or security software running with full system administrative rights. Discovered under the moniker “BlueHammer,” CVE-2026-33825 is a high-severity vulnerability that directly targets Windows’ native security mechanism, Microsoft Defender. Added by CISA to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active real-world exploitation, this

Exploitation of Ivanti Sentry – OS Command Injection CVE-2026-10520

Introduction: Edge gateways that secure and route mobile traffic to back-end corporate networks are primary targets for threat actors due to their perimeter placement. In June 2026, Ivanti released a critical security advisory addressing a pre-authentication OS Command Injection vulnerability in Ivanti Sentry (formerly MobileIron Sentry), tracked as CVE-2026-10520 with a maximum CVSS score of 10.0. This vulnerability allows remote, unauthenticated

Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)

Introduction: Perimeter security appliances serve as an organization’s absolute first line of defense, acting as the critical gatekeepers between the untrusted public internet and highly sensitive internal corporate assets. Because of this strategic positioning, edge devices like firewalls and virtual private networks have evolved into a primary, highly lucrative, and relentlessly pursued target for sophisticated state-sponsored groups and ransomware syndicates

Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

CVE-2026-0257 - Palo Alto Networks PAN-OS - Authentication Bypass

Introduction: In modern enterprise network architectures, perimeter defense systems such as VPNs and edge gateways serve as the primary entry points to internal assets, making them highly attractive targets for cyber threat actors. Because these perimeter solutions are designed to bridge untrusted public space with trusted internal assets, any compromise at this boundary completely dismantles a company’s defense-in-depth model. The CVE-2026-0257 vulnerability

What is Silver Ticket Attack: A Comprehensive Guide

Introduction: A Silver Ticket attack is a stealthy Kerberos exploitation technique that allows attackers to access specific network services in an Active Directory environment by forging service tickets. Unlike Golden Tickets, which provide domain-wide access by compromising the KRBTGT account, Silver Tickets exploit individual service account credentials to impersonate authorized users for targeted resources. These attacks bypass the domain

Responder Tool for Network Credential Capture in Active Directory

Introduction: Responder is a powerful, open-source Python-based penetration testing tool that directly targets the fundamental weaknesses present in Windows network environments. By manipulating how machines resolve hostnames when DNS lookups fail, Responder intercepts broadcast name resolution requests—specifically those using LLMNR (Link-Local Multicast Name Resolution), NBT-NS (NetBIOS Name Service), and MDNS (Multicast DNS) protocols—and impersonates legitimate network resources. This approach lets attackers seamlessly perform man-in-the-middle (MITM) attacks: when victims

What is LSASS Memory Dumping Techniques: A Comprehensive Guide

Introduction: As cyber threats continuously evolve and become increasingly sophisticated, attackers persistently target critical system processes to extract valuable credentials and maintain persistent access within compromised environments. One of the most targeted components on Windows systems is the Local Security Authority Subsystem Service, better known as LSASS. This core Windows process is responsible for managing user authentication, enforcing security policies, and