Vulnerability in AVG Internet Security (CVE-2024-6510)
September 12, 2024
AVG Internet Security is an antivirus software marketed to consumers.
Our employees frequently engage in research projects to live up to the high standard. They analyze the latest topics, methods and tools in interesting information security areas and prepare them in this context. The results of these activities contribute, for example, to projects, lectures at conferences, market overviews and articles for technical journals as well in advisories and zero-day-vulnerabilities.
September 12, 2024
AVG Internet Security is an antivirus software marketed to consumers.
September 4, 2024
Overwolf is a software that is used for managing mods of games with 45 million active users every month.
July 15, 2024
The baramundi Management Agent is used for software distribution in enterprise environments.
July 5, 2024 – The NAC Pi is our all-in-one man-in-the-middle device, which allows us to bypass network access control solutions, including 802.1x. We use it as an effective measure in our Red-Teaming assessments to eavesdrop on and manipulate our customers’ supposedly protected network traffic. With this blog article we would like to go into the theory behind it and take you on the journey of how our device was created.
Author: Leon Schmidt
May 1, 2024
Checkpoint Harmony is an enterprise security software protecting customers from malware.
May 1, 2024
Webroot Antivirus is an antivirus software. The vulnerability existed in both the end user product and the enterprise product.
April 1, 2024
Bitdefender produces different antivirus products. The privilege escalation vulnerability existed in Bitdefender Total Security, Internet Security, Antivirus Plus and Antivirus Free.
March 10, 2024 – In this post, we discuss dynamically resolving functions, which help to avoid static detections based on the functions imported by our executable.
Author: Kolja Grassmann
February 10, 2024 – This is the first post in a series of posts that will cover the development of a loader for evading AV and EDR solutions.
Author: Kolja Grassmann
January 10, 2024 – This is the third part of a three-part blog post series that looks at different design decisions, considerations and options an organization should bear in mind when planning, implementing and maintaining a tiering model in order to administrate the IT infrastructure securely. It describes the various options for implementation, explains trade-offs that must be made and their residual risks, and outlines the technical measures that need to be taken.
Author: Hagen Molzer
September 12, 2024
AVG Internet Security is an antivirus software marketed to consumers.
September 4, 2024
Overwolf is a software that is used for managing mods of games with 45 million active users every month.
July 15, 2024
The baramundi Management Agent is used for software distribution in enterprise environments.
July 5, 2024 – The NAC Pi is our all-in-one man-in-the-middle device, which allows us to bypass network access control solutions, including 802.1x. We use it as an effective measure in our Red-Teaming assessments to eavesdrop on and manipulate our customers’ supposedly protected network traffic. With this blog article we would like to go into the theory behind it and take you on the journey of how our device was created.
Author: Leon Schmidt
May 1, 2024
Checkpoint Harmony is an enterprise security software protecting customers from malware.
May 1, 2024
Webroot Antivirus is an antivirus software. The vulnerability existed in both the end user product and the enterprise product.
April 1, 2024
Bitdefender produces different antivirus products. The privilege escalation vulnerability existed in Bitdefender Total Security, Internet Security, Antivirus Plus and Antivirus Free.
March 10, 2024 – In this post, we discuss dynamically resolving functions, which help to avoid static detections based on the functions imported by our executable.
Author: Kolja Grassmann
February 10, 2024 – This is the first post in a series of posts that will cover the development of a loader for evading AV and EDR solutions.
Author: Kolja Grassmann
January 10, 2024 – This is the third part of a three-part blog post series that looks at different design decisions, considerations and options an organization should bear in mind when planning, implementing and maintaining a tiering model in order to administrate the IT infrastructure securely. It describes the various options for implementation, explains trade-offs that must be made and their residual risks, and outlines the technical measures that need to be taken.
Author: Hagen Molzer
September 12, 2024
AVG Internet Security is an antivirus software marketed to consumers.
September 4, 2024
Overwolf is a software that is used for managing mods of games with 45 million active users every month.
July 15, 2024
The baramundi Management Agent is used for software distribution in enterprise environments.
September 12, 2024
AVG Internet Security is an antivirus software marketed to consumers.
September 4, 2024
Overwolf is a software that is used for managing mods of games with 45 million active users every month.
July 15, 2024
The baramundi Management Agent is used for software distribution in enterprise environments.
cirosec follows this responsible disclosure policy when dealing with zero-day vulnerabilities found during research or customer projects. The goal is to balance the need of giving the vendor or open-source project enough time to develop and distribute a fix for the vulnerability with the need of the public to know about the security vulnerability. The policy is in accordance with industry-standard responsible disclosure practices. Our Responsible Disclosure Policy could be found here.