Resources

Topics

XM Cyber Advisory – OpenSSL Critical Vulnerability
Zur Ulianitzky and David Azria | Blog

Overview According to the OpenSSL team, on November 1st, 2022, a new version, number 3.0.7 will be released (https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html). It’s interesting to note that…

XM Cyber Advisory – Follina, CVE-2022-30190, Zero Day
Zur Ulianitzky and Bill Ben Haim | Blog

On May 27, a new zero day critical vulnerability called Follina was discovered by the nao_sec security research team. The vulnerability resides in malicious…

Decrypting VMware Workstation Passwords for Fun
David Azria & Zur Ulianitzky | Blog

Overview At XM Cyber, we have been hard at work on the techniques that attackers use against your VMware environments. What you’re about to…

New Privilege Escalation Techniques are Compromising your Google Cloud Platform
Idan Strovinsky, Zur Ulianitzky | Blog

In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand how an attacker exploits…

XMGoat – An Open Source Pentesting Tool for Azure
Blog

  Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security consultants, and cloud experts…

See all ways we can help you

See what attackers see, so you can stop them from doing what attackers do.