Exploiting GraphQL

Exploiting GraphQL, a query language inspired by the structure & functionality of online data storage[…]

Log4j: How to Exploit and Test this Critical Vulnerability

Raxis demonstrates how to obtain a remote shell on a target system using a Log4j[…]

CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection

This CSS vulnerability, discovered by Raxis lead penetration tester Matt Mathur, lies in a device’s[…]

Why Mutual Assured Destruction is an Incomplete Cyber Defense Strategy

Is the threat of full-scale retaliation enough to prevent large-scale cyberattacks? Raxis’ COO Bonnie Smyre,[…]

LDAP Passback and Why We Harp on Passwords

LDAP passback exploits are easy when companies fail to change default passwords on network devices[…]

SonicWall Patches Three Zero-Day Vulnerabilities

Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited.

IKE VPNs Supporting Aggressive Mode

In this post we’ll look at why IKE VPNs with Aggressive Mode enabled continue to[…]

Ransomware – What you can do to avoid being a victim

Raxis VP of Business Development Brad Herring discusses ways to protect your company from ransomware[…]