PrinterLogic RCEs, Java app analysis, DCSync from Linux, timed race conditions, ManageEngine auth bypass, Windows driver RE methods, + more!

CI/CD pipeline war stories, Serv-U exploit writing, Safari IndexedDB leak, RDP services vuln, a very slick loader, and more!

More JDNI to RCE, parallel loader, MS signed phishing docs, IP-takeover vulns, driver loading BOF dev, and more!

BY PATRICK SHEEHAN There’s a saying in martial arts, “the black belt is just the beginning of the journey”. I believe the same can be applied to cybersecurity certifications; the OSCP (as an example) is equivalent to a black belt, and while many view it as the end of the journey, arguably it is just the beginning. Similar to different martial arts styles, each conferring their certifications (belts), so too is the case in the cyber world. Paul Jerimy maintains a security cer