Modernizing the CIA's operational infrastructure. Multi/Hybrid Cloud Docker Swarm clusters and mesh VPN networks 🐿

Introduction A Vulnerability Researcher’s Favorite Stress Relief Continuing in our series of research findings involving Netgear 1 produc...

JFrog Security research team identifies vulnerability in TensorFlow allowing an attacker to insert a malicious input that runs arbitrary Python code. Learn more >

The unusual technique invokes the Windows App Installer to deliver malware

How to detect the Muhstik Botnet attacking a Kubernetes Pod to control the Pod and mine cryptocurrency and DDoS.

Frequently colleagues and clients get to my (virtual) desk and pose the following question to me: “I know which patches (KBs) are installed on a Windows syst...

JARM is an active Transport Layer Security server fingerprinting tool that provides the ability to identify and group malicious servers.

Posted in r/netsec by u/Gallus • 220 points and 32 comments

Evading Windows Defender when SysWhisper got caught!

Explore advanced cybersecurity solutions, providing proactive defense against emerging threats. Learn more about our tailored intelligence, and cybercrime investigation solutions.

Instant. Actionable. Insights.

Supply chains attacks are all the rage these days, whether to deliver RATs, cryptocurrencies miners, or credential stealers. In Rust, packages are called crates and are (most of the time) hosted on a central repository: https://crates.io for better discoverability.…

Software supply chain security threat: automated scanning of Python packages in the PyPI repository uncovered stealthy malware and more. Find out about our latest findings.