| 2024-07-24 |
Researchers find ‘Port Shadow’ flaws in VPN platforms |
www.scmagazine.com 0 |
|
| 2024-07-24 |
Technical Details: Falcon Update for Windows Hosts | CrowdStrike |
www.crowdstrike.com 0 |
|
| 2024-07-24 |
Attackers Abuse Swap File to Steal Credit Cards |
blog.sucuri.net 0 |
|
| 2024-07-24 |
Dock Tile Plugins Could Be Used to Escalate Privileges |
blog.kandji.io 0 |
|
| 2024-07-24 |
JNDI Injection Remote Code Execution via Path Manipulation in MemoryUserDatabaseFactory |
Source Incite 0 |
|
| 2024-07-24 |
Introduction |
github.com 0 |
|
| 2024-07-24 |
CyberSecurityUP/Awesome-Red-Team-Operations |
github.com 0 |
|
| 2024-07-24 |
Type confusion attacks in ProseMirror editors |
blog.calif.io 0 |
|
| 2024-07-24 |
New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites |
gbhackers.com 0 |
|
| 2024-07-18 |
Pwn2Own: WAN-to-LAN Exploit Showcase, Part 1 |
claroty.com 0 |
|
| 2024-07-17 |
MSI’s Massive Security Breach: 600K+ Warranties Exposed |
securityonline.info 0 |
|
| 2024-07-17 |
CVE-2024-31411: Apache StreamPipes: Potential remote code execution (RCE) via file upload |
Open Source Security 0 |
|
| 2024-07-17 |
Security's Achilles' Heel: Vulnerable Drivers on the Prowl |
www.securityjoes.com 0 |
|
| 2024-07-17 |
APKscan: Scan for secrets, endpoints, and other sensitive data in Android files |
meterpreter.org 0 |
|
| 2024-07-17 |
Kdrill: Python tool to check rootkits in Windows kernel |
meterpreter.org 0 |
|
| 2024-07-17 |
Hollow Process Injection |
www.darkrelay.com 0 |
|
| 2024-07-17 |
Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example |
github.com 0 |
|
| 2024-07-17 |
Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent |
blog.chebuya.com 0 |
|
| 2024-07-15 |
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln |
www.darkreading.com 0 |
|
| 2024-07-15 |
Critical Exim Mali Server Vulnerability Impacts 1.5 Million Email Servers |
cybersecuritynews.com 0 |
|
| 2024-07-15 |
lighttpd vulnerability unfixed since 2018 |
www.binarly.io 0 |
|
| 2024-07-15 |
dirDevil: Hiding Code and Content Within Folder Structures |
trustedsec.com 0 |
|
| 2024-07-15 |
Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution |
0reg.dev 0 |
|
| 2024-07-15 |
ahaggard2013/binaryninja-ollama |
github.com 0 |
|
| 2024-07-15 |
z4ziggy/Zigfrid: A Passive RFID fuzzer |
github.com 0 |
|
| 2024-07-15 |
Announcing AES-GEM (AES with Galois Extended Mode) |
Trail of Bits Blog 0 |
|
| 2024-07-12 |
Chaining Three Bugs to Access All Your ServiceNow Data |
www.assetnote.io 0 |
|
| 2024-07-12 |
Introduction |
www.elastic.co 0 |
|
| 2024-07-12 |
Barevisor |
github.com 0 |
|
| 2024-07-12 |
Binary secret scanning helped us prevent (what might have been) the worst supply chain attack you can imagine |
jfrog.com 0 |
|
| 2024-07-12 |
Early results for vulnerability analysis and remediation for OSS-Fuzz bugs · Issue #458 · google/oss-fuzz-gen |
github.com 0 |
|
| 2024-07-12 |
MSSQL ATTACK TOOL – A swiss army knife for pentesting MSSQL servers |
meterpreter.org 0 |
|
| 2024-07-11 |
CVE-2024-33327 |
Full Disclosure 0 |
|
| 2024-07-11 |
GitHub - Mr-r00t11/CVE-2024-37081 |
github.com 0 |
|
| 2024-07-11 |
plORMbing your Prisma ORM with Time-based Attacks |
www.elttam.com 0 |
|
| 2024-07-11 |
GitHub - arphanetx/Monocle: Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption ... |
github.com 0 |
|
| 2024-07-11 |
Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling |
Cisco Talos Blog 0 |
|
| 2024-07-11 |
Pwn2Own: WAN-to-LAN Exploit Showcase |
claroty.com 0 |
|
| 2024-07-10 |
Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) - Check Point Research |
research.checkpoint.com 0 |
|
| 2024-07-10 |
Exploiting Enterprise Backup Software For Privilege Escalation: Part Two |
northwave-cybersecurity.com 0 |
|
| 2024-07-10 |
NSA targets Linux Journal as 'extremist forum': Report |
www.zdnet.com 0 |
|
| 2024-07-10 |
Let’s Go into the rabbit hole (part 3) — the challenges of dynamically hooking Golang programs |
Quarkslab's blog 0 |
|
| 2024-07-10 |
DoNex ransomware decoded: How to use Avast decryptor |
www.scmagazine.com 0 |
|
| 2024-07-10 |
Apple Geolocation API Exposes Wi-Fi Access Points Worldwide |
www.darkreading.com 0 |
|
| 2024-07-10 |
Cross-Silicon Exploitation in UEFI: A Deep Dive Analysis |
www.binarly.io 0 |
|
| 2024-07-09 |
GitHub - FLOCK4H/AtomDucky: WiFi Rubber Ducky with a web interface using CircuitPython |
github.com 0 |
|
| 2024-07-09 |
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough | Oligo Security |
www.oligo.security 0 |
|
| 2024-07-09 |
BRF: eBPF Runtime Fuzzer |
packetstormsecurity.com 0 |
|
| 2024-07-09 |
CloudSorcerer – A new APT targeting Russian government entities |
securelist.com 0 |
|
| 2024-07-09 |
Cisco Warns of regreSSHion RCE Impacting Multiple Products |
cybersecuritynews.com 0 |
|
| 2024-07-09 |
Recent Water Hydra APT Activity Exploiting CVE-2024-21412 |
www.broadcom.com 0 |
|
| 2024-07-09 |
CVE-2024-39349 (CVSS 9.8): Critical Vulnerability in Synology Surveillance Cameras |
securityonline.info 0 |
|
| 2024-07-09 |
oss-security - ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch |
www.openwall.com 0 |
|
| 2024-07-09 |
BlueSpy: PoC to record audio from a Bluetooth device |
meterpreter.org 0 |
|
| 2024-07-09 |
ZDI-24-821: A Remote UAF in The Kernel's net/tipc |
sam4k.com 0 |
|
| 2024-07-08 |
EgeBalci/deoptimizer: Machine code de-optimizer. |
github.com 0 |
|
| 2024-07-08 |
DojoLoader: Generic PE loader for fast prototyping evasion techniques |
meterpreter.org 0 |
|
| 2024-07-08 |
tor-rootkit |
github.com 0 |
|
| 2024-07-08 |
CVE-2022-24785 MomentJS Path Traversal |
0xjay.com 0 |
|
| 2024-07-08 |
LavaDome bypass by detecting character height · Issue #48 · LavaMoat/LavaDome |
github.com 0 |
|
| 2024-07-08 |
Let's Make & Crack a PRNG in Go! |
vaktibabat.github.io 0 |
|
| 2024-07-08 |
RISC-V Emulator for Sophgo SG2000 SoC (Pine64 Oz64 / Milk-V Duo S) |
lupyuen.codeberg.page 0 |
|
| 2024-07-08 |
Pwning a Brother labelmaker, for fun and interop! |
sdomi.pl 0 |
|
| 2024-07-05 |
Novel DoS Vulnerability Affecting WebRTC Media Servers |
Full Disclosure 0 |
|
| 2024-07-05 |
Hackers Can Crack Passkeys with AitM Phishing Attacks! |
cyberpress.org 0 |
|
| 2024-07-05 |
RCE for CVE-2024-36401 |
github.com 0 |
|
| 2024-07-05 |
Hackers Exploiting HTTP File Server Remote Code Execution Vulnerability in Wild |
cybersecuritynews.com 0 |
|
| 2024-07-05 |
SnailLoad (CVE-2024-39920): New Side-Channel Attack Exposes Your Web Activity |
securityonline.info 0 |
|
| 2024-07-05 |
WiFi Exploitation Framework |
github.com 0 |
|
| 2024-07-05 |
CVE-2024-37726: MSI Center Flaw Exposes Windows Systems to Privilege Escalation Attacks |
securityonline.info 0 |
|
| 2024-07-05 |
Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor |
github.com 0 |
|
| 2024-07-04 |
GHSL-2024-089: Path traversal in youtube-dl leading to RCE - CVE-2024-38519 |
securitylab.github.com 0 |
|
| 2024-07-04 |
Introducing BadDNS |
blog.blacklanternsecurity.com 0 |
|
| 2024-07-04 |
Insights on the MOVEit File Transfer Vulnerability |
www.trendmicro.com 0 |
|
| 2024-07-04 |
17 vulnerabilities in Sharp Multi-Function Printers |
Full Disclosure 0 |
|
| 2024-07-04 |
Re: Ghostscript 10.03.1 (2024-05-02) fixed 5 CVEs including CVE-2024-33871 arbitrary code execution |
Open Source Security 0 |
|
| 2024-07-04 |
CVE-2023-52168, CVE-2023-52169: buffer overflow, over-read vulnerabilities in the 7-Zip archiver |
Open Source Security 0 |
|
| 2024-07-04 |
CVE-2024-36104 - Path Traversal vulnerability in Apache OFBiz |
www.broadcom.com 0 |
|
| 2024-07-04 |
SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice |
Full Disclosure 0 |
|
| 2024-07-04 |
GHSL-2024-070: Remote Code Execution (RCE) in Chromium - CVE-2024-3833 |
securitylab.github.com 0 |
|
| 2024-07-03 |
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection |
www.darkreading.com 0 |
|
| 2024-07-03 |
CVE-2024-1724: Snap Sandbox Escape Vulnerability Threatens Linux Systems |
securityonline.info 0 |
|
| 2024-07-03 |
PoC Exploit Published for Linux Kernel Privilege Escalation Flaw (CVE-2024-0193) |
securityonline.info 0 |
|
| 2024-07-03 |
JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4 | ASSET InterTech |
www.asset-intertech.com 0 |
|
| 2024-07-03 |
SpyMax – An Android RAT targets Telegram Users |
labs.k7computing.com 0 |
|
| 2024-07-03 |
An unexpected journey into Microsoft Defender's signature World |
retooling.io 0 |
|
| 2024-07-03 |
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties |
github.blog 0 |
|
| 2024-07-03 |
ROP ROCKET: Unleashing the Power of Advanced Code-Reuse Attacks |
meterpreter.org 0 |
|
| 2024-07-02 |
Windows Rootkits (and Bootkits) Guide v2 |
artemonsecurity.blogspot.com 0 |
|
| 2024-07-02 |
Shellcode Template for Windows x64 |
github.com 0 |
|
| 2024-07-02 |
Usability for attacks |
promon.co 0 |
|
| 2024-07-02 |
Automata in Action: New Vulnerabilities Discovered in HP UEFI |
eclypsium.com 0 |
|
| 2024-07-02 |
Latest Intel CPUs impacted by new Indirector side-channel attack |
www.bleepingcomputer.com 0 |
|
| 2024-07-02 |
Exploiting Steam: Usual and Unusual Ways in the CEF Framework |
www.darknavy.org 0 |
|
| 2024-07-02 |
Pixel Tablet Dock (korlan) Secure Boot Bypass |
oddsolutions.github.io 0 |
|
| 2024-07-02 |
Model Extraction from Neural Networks |
www.schneier.com 0 |
|
| 2024-07-02 |
oss-security - CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems |
www.openwall.com 0 |
|
| 2024-06-28 |
Security Analysis of the EU’s Digital Wallet |
www.schneier.com 0 |
|
| 2024-06-28 |
Tech Minds: Testing the NooElec FlyCatcher RTL-SDR ADS-B+UAT Raspberry Pi Hat |
www.rtl-sdr.com 0 |
|
| 2024-06-28 |
Saftellite |
github.com 0 |
|
