Hacker's guide to deep-learning side-channel attacks: the theory https://elie.net/blog/security/hacker-guide-to-deep-learning-side-channel-attacks-the-theory
elie.net
Hacker's guide to deep-learning side-channel attacks: the theory | blog post
Learn the concepts behind deep-learning side-channels attack, a powerful cryptanalysis technique, by using it to recover AES cryptographic keys from a hardware device.
Malware Can Use This Trick to Bypass Ransomware Defense in Antivirus Solutions
https://thehackernews.com/2021/06/malware-can-use-this-trick-to-bypass.html
https://thehackernews.com/2021/06/malware-can-use-this-trick-to-bypass.html
The Hacker News
Malware Can Use This Trick to Bypass Ransomware Defense in Antivirus Solutions
Malware Can Use This New Trick to Bypass Ransomware Defense in Popular Antivirus Solutions
Hidden parameters discovery suite written in Rust.
Features:
A lot of things to customize: key template, value template, encodings, and even injection points.
Supports 6 main methods: GET, POST, PUT, PATCH, DELETE, HEAD.
Has built in 2 main body types: json, urlencode.
Able to discover parameters with not random value, like admin=true
Compares responses line-by-line.
Adds to every request cachebuster by default.
#Rust #CTF #redteaming #parameters #web
https://github.com/Sh1Yo/x8
Features:
A lot of things to customize: key template, value template, encodings, and even injection points.
Supports 6 main methods: GET, POST, PUT, PATCH, DELETE, HEAD.
Has built in 2 main body types: json, urlencode.
Able to discover parameters with not random value, like admin=true
Compares responses line-by-line.
Adds to every request cachebuster by default.
#Rust #CTF #redteaming #parameters #web
https://github.com/Sh1Yo/x8
GitHub
GitHub - Sh1Yo/x8: Hidden parameters discovery suite
Hidden parameters discovery suite. Contribute to Sh1Yo/x8 development by creating an account on GitHub.
The Race to Native Code Execution in PLCs
https://www.claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/
https://www.claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/
Claroty
Siemens PLC Software Vulnerabilities Uncovered | Team82
Claroty has found a severe memory protection bypass vulnerability (CVE-2020-15782) in Siemens PLC Software, the SIMATIC S7-1200 and S7-1500. Learn more.
Fuzzing the Office Ecosystem https://research.checkpoint.com/2021/fuzzing-the-office-ecosystem/
Check Point Research
Fuzzing the Office Ecosystem - Check Point Research
Research By: Netanel Ben-Simon and Sagi Tzadik Introduction Microsoft Office is a very commonly used software that can be found on almost any standard computer. It is also integrated inside many products of the Microsoft / Windows ecosystem such as Office…
PuzzleMaker attacks with Chrome zero-day exploit chain https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Securelist
PuzzleMaker attacks with Chrome zero-day exploit chain
We detected a wave of highly targeted attacks that exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.