2024-05-14 |
Program Environment Fuzzing (EFuzz) |
github.com
0 |
|
2024-05-14 |
YouTube Video Series on Iridium Satellite Decoding with an Airspy, RTL-SDR Blog Patch Antenna and DragonOS |
www.rtl-sdr.com
0 |
|
2024-05-14 |
Re: Microsoft Device Firmware Configuration Interface (DFCI) in Linux efivars directory |
Open Source Security
0 |
|
2024-05-14 |
cybersectroll/SharpPersistSD |
github.com
0 |
|
2024-05-14 |
Path of rev.ng-ance: from raw bytes to CodeQL on decompiled code
.ical
06-28, 13:00–14:00 (US/Eastern), Grand Salon |
cfp.recon.cx
0 |
|
2024-05-14 |
Windows Bootkits Guide |
artemonsecurity.blogspot.com
0 |
|
2024-05-14 |
Bypassing WAFs to Exploit CSPT Using Encoding Levels |
matanber.com
0 |
|
2024-05-13 |
Open RAN: Attack of the xApps |
www.trendmicro.com
0 |
|
2024-05-13 |
Attacks on 5G Infrastructure From Users’ Devices |
www.trendmicro.com
0 |
|
2024-05-13 |
PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads |
www.kitploit.com
0 |
|
2024-05-13 |
Installation |
github.com
0 |
|
2024-05-13 |
LLMjacking: Stolen Cloud Credentials Used in New AI Attack |
sysdig.com
0 |
|
2024-05-13 |
Diverto/IPPrintC2: PoC for using MS Windows printers for persistence / command and control via Internet Printing |
github.com
1 |
|
2024-05-13 |
16 years of CVE-2008-0166 |
16years.secvuln.info
1 |
|
2024-05-11 |
macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown |
www.sentinelone.com
0 |
|
2024-05-11 |
CVE-2024-34350 & CVE-2024-34351: Two Vulnerabilities Patched in Popular Next.js Framework |
securityonline.info
0 |
|
2024-05-11 |
Sorry, you have been blocked |
www.theregister.com
0 |
|
2024-05-11 |
Google Rushes to Patch Chrome Zero-Day Exploit: CVE-2024-4671 |
securityonline.info 1 |
|
2024-05-11 |
针对区块链从业者的招聘陷阱:疑似Lazarus(APT-Q-1)窃密行动分析 |
mp.weixin.qq.com 0 |
|
2024-05-11 |
The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt |
www.sentinelone.com 1 |
|
2024-05-11 |
Introduction |
github.com 0 |
|
2024-05-11 |
fdx-xdf/darkPulse: darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,目前免杀火绒,360,360核晶。 |
github.com 0 |
|
2024-05-11 |
www.bleepingcomputer.com |
www.bleepingcomputer.com 0 |
|
2024-05-09 |
Objectives |
blog.cyber5w.com 0 |
|
2024-05-09 |
Xen Security Advisory 457 v2 - Linux/xen-netfront: Memory leak due to missing cleanup function |
Open Source Security
0 |
|
2024-05-09 |
How to protect yourself from phishing and malware on GitHub and GitLab |
www.kaspersky.com
0 |
|
2024-05-09 |
Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution |
Cisco Talos Blog
0 |
|
2024-05-09 |
花小钱钓大鱼|揭秘 1155 WBTC 钓鱼事件 |
mp.weixin.qq.com
0 |
|
2024-05-09 |
cybersectroll/TrollDump |
github.com
0 |
|
2024-05-09 |
Breaking Monero Episode 09: Poisoned Outputs (EAE Attack) |
www.youtube.com
0 |
|
2024-05-08 |
GLib (2.26.0+): GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing |
Open Source Security
0 |
|
2024-05-08 |
Empowering Cybersecurity with AI: The Future of Cisco XDR |
Cisco Blogs
0 |
|
2024-05-08 |
1,000,000 requests 2FA bypass |
imwaiting18.medium.com
0 |
|
2024-05-08 |
Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries |
www.kitploit.com 0 |
|
2024-05-08 |
Ghidra nanoMIPS ISA module |
research.nccgroup.com 0 |
|
2024-05-08 |
Multiple vulnerabilities in RIOT OS |
security.humanativaspa.it 0 |
|
2024-05-08 |
Exploiting CData within Jetty servers - CVE-2024-31848/49/50/51 - File Path Traversal & File Read |
github.com 0 |
|
2024-05-08 |
kvm-fuzz |
github.com 0 |
|
2024-05-08 |
TunnelVision - CVE-2024-3661 - Decloaking Full and Split Tunnel VPNs - Leviathan Security Group |
www.youtube.com 0 |
|
2024-05-08 |
Guntior - the story of an advanced bootkit that doesn't rely on Windows disk drivers |
artemonsecurity.blogspot.com 0 |
|
2024-05-07 |
Analysis of ArcaneDoor Threat Infrastructure Suggests Potential Ties to Chinese-based Actor |
censys.com
0 |
|
2024-05-07 |
Why Your VPN May Not Be As Secure As It Claims |
Krebs on Security
0 |
|
2024-05-07 |
GitHub - ivision-research/burpscript |
github.com
0 |
|
2024-05-07 |
Linksys Router Flaws Exposed, Poc Published, Patch Unavailable! |
securityonline.info
0 |
|
2024-05-07 |
Multiple Vulnerabilities in Open Devin (Autonomous AI Software Engineer) |
evren.ninja
0 |
|
2024-05-07 |
Lateral movement and on-prem NT hash dumping with Microsoft Entra Temporary Access Passes |
dirkjanm.io
0 |
|
2024-05-07 |
secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki |
Full Disclosure
0 |
|
2024-05-07 |
Netscaler ADC and Gateway, Version 13.1-50.23 |
bishopfox.com
0 |
|
2024-05-07 |
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution |
thehackernews.com
0 |
|
2024-05-06 |
r/netsec - Flutter Windows Thick Client SSL Pinning Bypass |
www.reddit.com
0 |
|
2024-05-06 |
Uncovering potential threats to your web application by leveraging security reports |
Google Online Security Blog
0 |
|
2024-05-06 |
AMSI Write Raid 0day Vulnerability |
www.offsec.com
0 |
|
2024-05-06 |
NTLM Relay Gat: automate the exploitation of NTLM relays |
securityonline.info
0 |
|
2024-05-06 |
Advanced Frida Usage Part 9 – Memory Scanning In Android |
8ksec.io
0 |
|
2024-05-06 |
A Quick Note About Our Fall Pwn2Own #shorts |
www.youtube.com
0 |
|
2024-05-06 |
Reverse engineering of Android/Phoenix |
cryptax.medium.com
0 |
|
2024-05-06 |
Experts Blog |
www.fortalicesolutions.com
0 |
|
2024-05-06 |
The Will and the Word |
knifecoat.com
0 |
|
2024-05-06 |
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted A... |
www.kitploit.com
0 |
|
2024-04-30 |
oss-security - CVE-2024-27322: Deserialization vulnerability in R before 4.4.0 |
www.openwall.com
0 |
|
2024-04-30 |
D-Link NAS Device Backdoor Abused |
isc.sans.edu
0 |
|
2024-04-30 |
Palo Alto Firewalls Under Attack: Critical Flaw Exploited to Deploy Cryptojacking Malware |
securityonline.info
0 |
|
2024-04-30 |
CodeQL zero to hero part 3: Security research with CodeQL |
github.blog
0 |
|
2024-04-30 |
Reading Between the Lines of Code: Ziraat_Stealer |
infosecwriteups.com
0 |
|
2024-04-30 |
LSASS rings KsecDD ext. 0 |
tierzerosecurity.co.nz
0 |
|
2024-04-30 |
NAT Slipstreaming v2.0 |
www.armis.com
0 |
|
2024-04-30 |
Researchers Uncover ‘Pathfinder’ Exploit, Putting CPUs at Risk of High-Precision Attacks |
securityonline.info
0 |
|
2024-04-30 |
Relaying Kerberos Authentication from DCOM OXID Resolving |
Tyranid's Lair
0 |
|
2024-04-29 |
CVE-2024-21111 – Local Privilege Escalation in Oracle VirtualBox |
www.mdsec.co.uk
0 |
|
2024-04-29 |
Horacius (IAM) - Local privilege escalation, even without a Windows account. |
blog.pridesec.com.br
0 |
|
2024-04-29 |
Embed A Malicious Executable in a Normal PDF or EXE |
medium.com
0 |
|
2024-04-29 |
Telegram Web app XSS / Session Hijacking 1-click |
Open Source Security
0 |
|
2024-04-29 |
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training |
www.kitploit.com
0 |
|
2024-04-29 |
Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller |
www.cyberark.com
0 |
|
2024-04-29 |
Suspicious hook-loading mechanism in hyprland |
Open Source Security
0 |
|
2024-04-28 |
Exploiting the NT Kernel in 24H2: New Bugs in Old Code & Side Channels Against KASLR |
exploits.forsale
0 |
|
2024-04-28 |
Loading DLLs Reflections |
trustedsec.com
0 |
|
2024-04-28 |
Windows Kernel EoP Vulnerability (CVE-2024-21345) Gets PoC Exploit Code |
securityonline.info
0 |
|
2024-04-28 |
Coverage Guided Fuzzing – Extending Instrumentation to Hunt Down Bugs Faster! |
blog.includesecurity.com 0 |
|
2024-04-28 |
CyberInsecurity: The Cost of Monopoly |
www.schneier.com 0 |
|
2024-04-28 |
LightSpy Malware Variant Targeting macOS |
www.huntress.com 0 |
|
2024-04-28 |
oss-security - Update on the distro-backdoor-scanner effort |
www.openwall.com 0 |
|
2024-04-26 |
Registration confirmations attack |
www.kaspersky.com 0 |
|
2024-04-26 |
oss-security - libksieve (used by kmail/kontact) sent password as username |
www.openwall.com 0 |
|
2024-04-26 |
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist |
Cisco Talos Blog 0 |
|
2024-04-26 |
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections |
gbhackers.com
0 |
|
2024-04-26 |
CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File |
gbhackers.com
0 |
|
2024-04-26 |
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks |
arstechnica.com
0 |
|
2024-04-26 |
Sifting through the spines: identifying (potential) Cactus ransomware victims |
research.nccgroup.com
0 |
|
2024-04-26 |
What information can be extracted from intercepted AI chatbot messages? |
www.kaspersky.com
0 |
|
2024-04-25 |
oss-security - PowerDNS Recursor Security Advisory 2024-02: if recursive forwarding is configured, crafted responses can lead to a denial of service i... |
www.openwall.com
0 |
|
2024-04-25 |
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining |
decoded.avast.io
0 |
|
2024-04-25 |
Nation-State Threat Actors Renew Publications to npm |
blog.phylum.io 0 |
|
2024-04-25 |
C isn’t a Hangover; Rust isn’t a Hangover Cure |
medium.com 0 |
|
2024-04-25 |
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets |
www.kitploit.com 0 |
|
2024-04-25 |
Social engineering for open-source supply chain attack profit |
securelist.com 0 |
|
2024-04-25 |
oss-security - CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy |
www.openwall.com 0 |
|
2024-04-24 |
GitHub - login-securite/lsassy: Extract credentials from lsass remotely |
github.com 0 |
|
2024-04-24 |
Oracle VirtualBox Elevation of Privilege Vulnerability (CVE-2024-21111): PoC Published |
securityonline.info 0 |
|
2024-04-24 |
How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000 - Part 1 |
thefrogsec.github.io 0 |
|