On April 7 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-click remote code execution exploit in the Zoom video client during Pwn2Own 2021. Now that related bugs have been fixed for all users (see ZDI-21-971 and ZSB-22003) we can safely detail the…

Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking. - GitHub - aktsk/ipa-medit: Memory modification tool for re-signed ipa sup...

PyHook is an offensive API hooking tool written in python designed to catch various credentials within the API call. - IlanKalendarov/PyHook

Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019 - w1u0u1/smb2os

TL;DR Find out how a vulnerability discovered in Samsung S10+/S9 kernel allows leaking of sensitive function address information. Vulnerability Summary Samsung S10+/S9 kernel […]

How to orienteer in a cloud environment, dig in to identify the risks that matter, and put together actionable plans that address short, medium, and long term goals.

Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon - optiv/Registry-Recon

How failures related to validating conditions based on URLs can lead to security issues

Posted in r/netsec by u/mdulin2 • 8 points and 0 comments

The vulnerability in this post is real. The story and characters are obviously not.

Hi! Today I’m publishing a new […]

At IncludeSec we of course love to hack things, but we also love to use our skills and insights into security issues to explore innovative solutions, develop tools, and share resources. In this post we share a summary of a recent paper that I published with…

In May 2021, the Biden Administration signed Executive Order (EO) 14028, placing cloud security at the forefront of national security. Federal agencies are at different stages in their digital transformations yet are all facing similar challenges: rapidly…

PerimeterX Cybersecurity Researcher Ben Baryo discovered a skimmer served from recaptcha[.]tech and examined its progression over the course of two years.

In this paper, we identify a new class of optical TEMPEST attacks: recovering sound by analyzing optical emanations from a device’s power indicator LED. We analyze the response of the power indicator LED of various devices to sound and show that there is…

‘dmesg’ (display message) is not a popular Unix/Linux command. However, it provides vital information that can be used for troubleshooting production performance problems.

The Mosque-Cathedral of Córdoba is a chronicle of

In this post I talk about what it means to perform comprehensive Attack Surface Management by leveraging a broad spectrum of OSINT (Open…

A critical vulnerability in Azure's flagship Cosmos DB service affecting thousands of customers. Mitigation requires customers' manual actions.