Microsoft Windows LNK CVE-2017-8464

Microsoft Windows LNK CVE-2017-8464. This is not the first time a LNK vulnerability has come around and caused issues for Windows machines. Probably will not be the last either. A patch is available as part of Microsoft “Patch Tuesday” for this and the...

WannaCry (CVE-2017-0145) Detect with Metasploit

So by now everyone should have heard of WannaCry and all the variants. Here is a good rundown on https://en.wikipedia.org/wiki/WannaCry_ransomware_attack. It stems from tools being made available that the NSA used in exploiting holes in the Windows...

Apache Struts 2 (CVE-2017-5638)

Apache Struts 2 Vulnerability (CVE-2017-5638) On 3/6/2017 a vulnerability was found in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1. Essentially it mishandles the upload from the parser and could allow remote attackers to execute commands from the...

Kali Dual Boot On MacBook Pro

So I spend as much, if not more time, in Kali in a VMWare Fusion VM than I do the actual MacOS when doing a portion of my job. So being a long time Mac user and also a long time (probably longer) Linux user I am accustomed to dual booting. I never decided to dual boot...

My heartbleed demo

Recently I was asked to present a live hack in front of an audience and I decided go back in time to the heartbleed bug. I say back in time but actually many sites are still vulnerable believe it or not. Little recap on what heartbleed is. For a brief history of...

Data Breach at UCF

As reported by Fox 35 in Orlando, it appears the University of Central Florida is now the victim of a data breach. The data breach has resulted in unauthorized access to certain personal information of current and former students and employees. The breach was...