RouterOS release 7.4beta4 introduced containers for MikroTik devices. From the changelog: container - added support for running Docker (TM) containers on AR...

Disclaimer: as many other security researchers […]

This post covers an interesting vulnerability we (Jayden and David) found in the io_uring subsystem of the Linux kernel.

Post the Office macros deprecation, a new malware delivery method is on the rise. Container file formats like ISOs/RARs/ZIPs and LNKs/DLLs can bypass Mark-of-the-Web, Microsoft’s prime defence.

Note: This is Part 1 in a series of posts discussing security analysis of printer drivers extracted and installed from public resources. This part explains how we located publicly available drivers distributed by WeWork and conducted initial analysis. Part…

Learn how passwordless authentication works and how it's built using WebAuthn.

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike! - GitHub - RoseSecurity/Red-Teaming-TTPs: Useful Techniques, Tactics, and Procedures for red teamers and defenders, ...

a quick post on a format string bug in libinput I found last year but never got around to debugging, plus some exploit code to leak the stack canary on a default Xubuntu 20.04.4 system.

This post covers the history of the Stem Player, the development of the emulator, how badly the product was handled and some behind-the-scenes interactions with the creators

The SocVel Cybersecurity Quiz [w26] Play this week's quiz, jam-packed with 10 of the most interesting #infosec stories from the past week. Play now!

0. VaultFuzzer S0rry, VaultFuzzer is not the main player today. We’re going have little ride with Harbian-QA and GREBE today.

Public Amazon registries could reveal enough information to steal the identity of someone who hasn’t been born yet.

An OSINT tool to search for accounts by username in social networks. - GitHub - p1ngul1n0/blackbird: An OSINT tool to search for accounts by username in social networks.

Download WinAPI Search - Search Utility For Win32 Functions & Error Codes

code-searching tool and static code analysis - Beta - GitHub - CoolerVoid/codewarrior: code-searching tool and static code analysis - Beta

07/08/2022

When using DNS in the Cloud, security cannot be forgotten. Learn more about security best practices for DNS in the Cloud

The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.

SimpleX - the first messaging platform operating without user identifiers of any kind - 100% private by design! iOS and Android apps are released 📱! - simplex-chat/20220808-simplex-chat-v3.1-chat-g...