Unless you are living under the rock, you have seen that recently @harmj0y and @tifkin_ published their amazing research on Active Directory Certificate Services (AD CS). If you haven’t checked it out already read their post first.

PALO ALTO, Calif. & TEL AVIV, Israel, June 23, 2021--Nearly 60% of organizations said they consider lack of visibility and inadequate identity/access security a major threat to their cloud infrastructure

Until this time, Linux has experienced only a small number of viruses. Some of these viruses still exist but aren’t active, and they certainly don’t propagate.

New security research on top of a novel detection of PyPI packages containing a crypto-miner. We present actionable solutions for developers and discuss automated detection and deobfuscate techincs.

A widespread phishing campaign in operation since May is using a mix of old and new evasion tricks to drop IcedID malware.

Posted in r/netsec by u/bonobolol • 58 points and 4 comments

Browse the documentation for the Steampipe AWS Compliance mod rbi_cyber_security benchmark

New malware strain we discovered could be the reason why your antivirus doesn’t work anymore. Especially if you have installed some popular software from not so legal distribution recently

What started as a false positive alert for a Microsoft signed file turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP. How did this happen?

Jump Ahead: Enum – Getting Initial Access – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open services – finding ports 22, 80, and 330…

Insecure Direct Object Reference or IDOR happens when an application inadvertently exposes private objects through user input.

TL;DR:  Several ColdFusion/CFML tags and functions can process URLs as file path arguments -- including some tags and and functions that you...

Salesforce object access auditor. Contribute to nccgroup/raccoon development by creating an account on GitHub.

Humble Book Bundle: Cybersecurity 2021 from Packt

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent - irsl/gcp-dhcp-takeover-code-exec

Standalone client for proxies of Windscribe browser extension - Snawoot/windscribe-proxy

Secure Vault for Customer PII/PHI/PCI/KYC Records. Contribute to securitybunker/databunker development by creating an account on GitHub.

This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. Th...

A simple guide explaining how to beat applicative-layer DDoS attacks using CrowdSec and Cloudflare.