Hello everyone. I am so excited to publish my second article in 2022 which is ‘Understanding Threat Actors’.

As geopolitical tensions continue to mount, reports are emerging of a new wiper malware targeting Ukrainian infrastructure, such as government departments. Symantec and ESET research first tweeted...

Posted in r/netsec by u/danyork • 10 points and 0 comments

Last year we found a lot of exciting vulnerabilities in VMware products. The vendor was notified and they have since been patched. This is the second part of our research. This article covers an Authentication Bypass in VMware Carbon Black Cloud Workload…

Simwigo is a cross-platform tool, written in Go, to simplify the deployment of a web service. - GitHub - 8iche/simwigo: Simwigo is a cross-platform tool, written in Go, to simplify the deployment o...

South Korean researchers published an academic paper that presents a method to decrypt the files encrypted by the Hive Ransomware . This article How to Decrypt the Files Encrypted by the Hive Ransomware

The Ransomware Files podcast tells the harrowing stories of technology experts who have fought back against ransomware, which is one of the greatest crime waves the internet has ever seen. It features in-the-trenches stories about how organisations recovered…

A de-socketing library for fuzzing. Contribute to fkie-cad/libdesock development by creating an account on GitHub.

You can find me on Twitter at @HexKitchen , and follow the team for the latest in exploit techniques and security patches.

Circumventing Deep Packet Inspection with Socat and rot13 - socat_caesar_dpi.md

A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the

Are you looking for a career in application security in 2022? Here's what you need to know to land a job in a competitive tech landscape.

Twitter: @s4tan Download: https://github.com/enkomio/AlanFramework/releases/latest Documentation: https://github.com/enkomio/AlanFr...

Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]

TL;DR A logic vulnerability working 5 years later, dubbed ReBreakCaptcha, which lets you easily bypass Google’s ReCaptcha v2 anywhere on the web. ReCaptcha Overview Many of us know of ReCaptcha, Go…

Explore this post and more from the netsec community

Since TeaBot first discovery in 2021, Cleafy's Threat Intelligence Team has been following this banking trojan's trails to understand how it acts against banks. To know more, read here our latest report.

Posted by nathanAbejeM - 5 votes and no comments

We have outlined some steps for rapid triage of a malicious untrusted Docker container running in our environment.