Loginsoft Blogs
Introduction to Common Gateway Interface and CGI vulnerabilities
Introduction: One simple way to create a server-side dynamic web page which displays different content each time it is viewed is the Common Gateway Interface (CGI). This post will help you understand what a CGI is, how it works and how the CGI-enabled web server is...
Introduction to Heap Internals
In this post we will cover a few essential topics of Heap Memory. We will learn about the heap creation, the structure of heap memory and different exploitation techniques. This post is mainly based on glibc's heap implementation. We recommend reading “Doug Lee malloc...
Discovering Vulnerabilities with AFL Fuzzer
This article covers the topic Fuzzing with American Fuzzy Lop (AFL), a powerful fuzzer to find unknown/known vulnerabilities in a software. This should be a good start for any security researchers or a passionate developer who love hunting bugs for fame and profit....
Memory Corruption Vulnerabilities
In the previous post, some brief information on analyzing memory corruption issues was given. In the following post, a few prevalent issues in this category that can lead to security impacts will be addressed. Introduction: It all starts with a runtime error leading...
Why Is My Software Vulnerable?
Vulnerability Analysis: Over the past few years, our team has manually analyzed numerous vulnerabilities in open source software. Be it a critical design flaw that eventually lead to the retrieval of encrypted mails in a widely used mail client's add-on that send and...
Threat Research Blogs
Ransomware Watch Q1 2023 Highlights
June 20, 2023
Over 800 organizations found themselves listed on ransomware sites lurking in the depths of the dark web..
Taming the Storm: Understanding and Mitigating the Consequences of CVE-2023-27350
May 23, 2023
The world of cybersecurity is constantly evolving, with new threats emerging every day. One of the latest threats to emerge is..
IcedID Malware: Traversing Through its Various Incarnations
May 02, 2023
IcedID, the notorious malware, is actively involved in several delivery campaigns, demonstrating versatility and adaptability.
Maximizing Threat Detections of Qakbot with Osquery
April 12, 2023
Initially, Qakbot spreads using malicious email attachments, drive-by-download attacks
Aurora: The Dark Dawn and its Menacing Effects
March 24, 2023
Aurora Stealer a non-friendly program in your neighborhood developed in Go-lang.