ITSEC Newsletter
Posts
ITSEC Newsletter 2025-03-27

ITSEC Newsletter 2025-03-27

Henrik Falk
March 27, 2025

tmp.0ut Volume 4

The tmp.0ut crew would like to thank the authors for contributing their amazing work to our zine! We want to give a huge shout out to our community as well. Thank you for being so kind and spreading knowledge. You are what makes tmp.0ut great!

tmpout.sh/4

Red Teaming with ServiceNow

Over the course of numerous Red Team engagements MDSec has often gained privileged access to a target’s ServiceNow instance. This has, in turn, facilitated a variety of compromise actions across the enterprise, against key systems and users. Moreover, such access has allowed a form of persistence into the environment. These activities have all been achieved through leveraging ServiceNow itself. Applications and environments such as ServiceNow provide what can be described as the holy grail of functionality, as this blog post will detail.

www.mdsec.co.uk/2025/03/red-teaming-with-servicenow

The Practical Limitations of End-to-End Encryption

Not to put too fine a point on it: Switching to Threema or PGP would not have made a lick of difference. Switching to Matrix would have only helped if you consider “unable to decrypt message” helping.

soatok.blog/2025/03/25/the-practical-limitations-of-end-to-end-encryption