5Dec-24

Behind The Scenes: Yarix Approach to Mobile Security

TLDR: This article highlights the Yarix Red Team’s daily challenges and internal work done to improve the quality of our outcomes. We will explore the topic by taking the Mobile Security field as a case: we will start with the common reporting problems every red team faces day after day, as well as those arising from the gaps in the...
Posted By
1Aug-24

Threat Actors leverage Chinese SHOPOEM Platforms to spread infamous scam campaign

Introduction

As Yarix Cyber Threat Intelligence (YCTI) team, we keep a close eye on and track phishing and scam campaigns on a daily basis. Protecting the reputation and image of client companies is one of the main goals of YCTI’s Brand Abuse team. This includes determining whether and how their officially registered trademarks are being used to spread fraudulent campaigns that...
Posted By
24Jun-24

Java – Cracking the Random: CVE-2024-29868

TL;DR

If you employ a Java application with a token-based password recovery mechanism, be sure that said token isn't generated using: RandomStringUtils. Spoiler: You can crack it and predict all past and future tokens generated by the application!

Some Context

During a Penetration Test I was sifting through the internet - as one often does - looking for ways to...
Posted By
10May-24

Kelvin Security and Spectre, investigating possible relationships

Kelvin Security and Spectre, investigating possible relationships

Introduction

The Yarix Cyber Threat Intelligence Team (YCTI) has conducted an investigation that has discovered a possible relationship between the threat actor Kelvin Security with another threat actor called Spectre. This relations was identified through the discovery and analysis of an indicator found within an Italian governmental leak that was shared by a malicious actor....
Posted By