New update from Google's Threat Analysis Group finds numerous APTs running campaigns in Ukraine and Est. Europe, including Fancy Bear (Russia), Ghostwriter (Belarus) and Curious Gorge (China).
https://ift.tt/KlnHqX3
Submitted May 03, 2022 at 09:57PM by Ramsey_Power
via reddit https://ift.tt/7iLh8eW
Google
Update on cyber activity in Eastern Europe
An update on cyber activity in eastern Europe.
Privilege escalation vulnerabilities discovered in Linux known as Nimbuspwn
https://ift.tt/lIgqtYU
Submitted May 03, 2022 at 11:51PM by sciencestudent99
via reddit https://ift.tt/EGkZF5f
FourCore
Privilege escalation vulnerabilities discovered in Linux known as Nimbuspwn - FourCore
Microsoft has disclosed a group of vulnerabilities in Linux known as Nimbuspwn that allows attackers to gain root privileges on a vulnerable system. Find out if you are vulnerable.
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
https://ift.tt/ygLvsbc
Submitted May 04, 2022 at 01:34AM by 39816561
via reddit https://ift.tt/xQLgRsc
Nozominetworks
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
Nozomi Networks Labs has disclosed an unpatched vulnerability affecting the DNS of popular C standard libraries potentially in use by millions of IoT devices: uClibc and uClibc-ng.
Responsible Disclosure: 6000 Vulnerability Submissions Later
https://ift.tt/GZTv5cm
Submitted May 04, 2022 at 01:55AM by ibuydan
via reddit https://ift.tt/lc0kKQw
Useful Security Tools and Resources for Digital Forensics
https://ift.tt/DPZWlJp
Submitted May 04, 2022 at 04:41AM by Khaotic_Kernel
via reddit https://ift.tt/ZeVP1UG
GitHub
GitHub - mikeroyal/Digital-Forensics-Guide: Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile…
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. - GitHub - mikeroyal/Digital-Forensics-Guide: Dig...
Exploiting Dynamic Linking Procedure In x64 ELF Binaries
https://ift.tt/xZprTdb
Submitted May 04, 2022 at 10:23AM by paran0ide
via reddit https://ift.tt/0YSONCr
Syst3m Failure
Ret2dl_resolve x64: Exploiting Dynamic Linking Procedure In x64 ELF Binaries
In this article, we will start by analyzing the lazy binding process, proceed to dissecting dl-runtime, understand when it is possible to use this technique without a leak, and finally build our exploit.
Themes from Real World Crypto 2022
https://ift.tt/Gkr1Kba
Submitted May 04, 2022 at 11:05AM by yossarian_flew_away
via reddit https://ift.tt/09EwvNb
Trail of Bits Blog
Themes from Real World Crypto 2022
By William Woodruff Last week, over 500 cryptographers from around the world gathered in Amsterdam for Real World Crypto 2022, meeting in person for the first time in over two years. As in previous…
Authenticating with certificates when PKINIT is not supported
https://ift.tt/bT03Vom
Submitted May 04, 2022 at 06:09PM by the-useless-one
via reddit https://ift.tt/xFN4InE
reddit
Authenticating with certificates when PKINIT is not supported
Posted in r/netsec by u/the-useless-one • 74 points and 0 comments
Shady economics of proxy services
https://ift.tt/kWi2Vcm
Submitted May 04, 2022 at 07:00PM by rushter_
via reddit https://ift.tt/ulikPe0
Artem Golubin
Shady economics of proxy services
This article explains shady economics of proxy services — its users and suppliers.
UNC3524: Eye Spy on Your Email
https://ift.tt/cv1ReOX
Submitted May 03, 2022 at 02:10AM by mattjayy
via reddit https://ift.tt/xWjV9Hy
Mandiant
UNC3524: Eye Spy on Your Email | Mandiant
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
https://ift.tt/M1QkLpT
Submitted May 05, 2022 at 02:15PM by digicat
via reddit https://ift.tt/XzpujdS
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
The curious case of mavinject.exe
https://ift.tt/QjFLvDA
Submitted May 05, 2022 at 08:27PM by sciencestudent99
via reddit https://ift.tt/xBVLbWI
FourCore
The curious case of mavinject.exe
Mavinject, described as Microsoft Application Visualisation Injector, is a signed Microsoft executable that can be abused to perform arbitrary code injections inside any running process.
A Deep Dive into AvosLocker Ransomware
https://ift.tt/gfaDJrY
Submitted May 05, 2022 at 08:16PM by CyberMasterV
via reddit https://ift.tt/FoLg7rH
An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
https://ift.tt/LNyrQug
Submitted May 05, 2022 at 11:24PM by ajohnston9
via reddit https://ift.tt/MtImjo3
www.mitiga.io
An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound…
From KBs to CVEs: Understanding the Relationships Between Windows Security Updates and Vulnerabilities
https://ift.tt/Td64RkL
Submitted May 06, 2022 at 02:09AM by derp6996
via reddit https://ift.tt/T5Pls8N
Fuzzing ClamAV with real malware samples
https://ift.tt/WfzhX8p
Submitted May 06, 2022 at 11:14AM by mmmds
via reddit https://ift.tt/Fpi5cOu
reddit
Fuzzing ClamAV with real malware samples
Posted in r/netsec by u/mmmds • 67 points and 2 comments
A New Way To View Risk Assessment For Vulnerabilities Management
https://ift.tt/y0zU9SD
Submitted May 06, 2022 at 03:27PM by Devin_Devop
via reddit https://ift.tt/a7y6bBw
Otorio
OTORIO Blog Take OT Digital and Cyber Security Posture Assessment to the Next Level - Vulnerabilities Management and Scoring
Mitigating OT security risk is an ongoing process, so operational security teams need to automate vulnerability assessments and risk calculations.
CloudFlare Pages, part 1: The fellowship of the secret
https://ift.tt/mVqDzg9
Submitted May 06, 2022 at 07:01PM by albinowax
via reddit https://ift.tt/pTJNmLU
Assetnote
Cloudflare Pages, part 1: The fellowship of the secret
Application security issues found by Assetnote
I started a newsletter and would love your feedback
https://ift.tt/7pEm8KZ
Submitted May 08, 2022 at 07:35PM by nunorbatista
via reddit https://ift.tt/apmeyb8
cyb3rsecurity.tips
Cybersecurity Tips
A (best-effort) weekly newsletter that will make you understand Cybersecurity better. Click to read Cybersecurity Tips, by Nuno, a Substack publication with hundreds of readers.
Expanding on Existing IoCs to Leverage Immediate Threats Simulations
https://ift.tt/IjPGtbm
Submitted May 09, 2022 at 12:15PM by bayhitlaw
via reddit https://ift.tt/8RSETLP
Cymulate
Expanding on Existing IoCs to Leverage Immediate Threats Simulations
Our latest Cymulate blog provides quick and easy ways to expand on your IoC list to leverage immediate threats simulations.
POC for CVE-2022-1388
https://ift.tt/ptedTUB
Submitted May 09, 2022 at 05:36PM by scopedsecurity
via reddit https://ift.tt/eskP4jM
GitHub
GitHub - horizon3ai/CVE-2022-1388: POC for CVE-2022-1388
POC for CVE-2022-1388. Contribute to horizon3ai/CVE-2022-1388 development by creating an account on GitHub.