Catch SOC Prime’s pick of top 3 most devastating data breaches that affected large businesses and left victims wondering: how they did it?

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.

Digital transformation: Most of us have probably already heard this term, sometime, somewhere. It’s somewhat difficult to miss when…

TJ shows us how adversaries use macro weaponization techniques to abuse hidden functionalities contained in Office document properties.

Authored by Alberto Segura (main author) and Rolf Govers (co-author) Summary Flubot is an Android based malware that has been distributed in the past 1.5 years inEurope, Asia and Oceania affecting …

Ransomware simulation noscript written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in a controlled setting. - GitHub - lawndoc/RanSim: Ransomware...

The rumors about Intel SGX deprecated in new processors has been confirmed, 12th generation processors (Workstation/Desktop/Laptop/embedded platforms) will deprecate SGX and the SGX will continue to support only in high-end Xeon CPU for server:

The inner workings of how we build a Static Application Security Testing program at Razorpay

About The Project Security researcher Silas Cutler recently tweeted a link to a unique data set of Cobalt Strike Beacon payloads, and their extracted configurations (thanks Silas!). This is a fairly large data set going back to November of 2021, and containing…

Recent research showed that over 900,000 Kubernetes clusters were found exposed to the internet to potentially malicious scans

The HTML Sanitizer is a great new API that allows web developers to filter untrusted HTML natively in the browser rather than use a JavaScript library such as DOM Purify. Microsoft created a similar A

rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi wifi systems that was reported and patched last year.

Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year, and overcome some common RPC auditing pitfalls.

Application security issues found by Assetnote

Attackers are always on the lookout to gain access to credentials, which are a critical asset to protect and are widespread throughout the organization.