New attack on certificate transparency reveals previously unknown domains!

Part 2

On May 27th, I reported a handful of security vulnerabilities to VMWare impacting their vRealize Operations Management Suite (vROps) appliance. In this blog ...

Posted by sanitybit - 130 votes and 1 comment

This is the last part of our SD-PWN series where we present severe vulnerabilities in four of the leading SD-WAN vendors. This time…

BlueHound - pinpoint the security issues that actually matter - GitHub - zeronetworks/BlueHound: BlueHound - pinpoint the security issues that actually matter

Learn how to quickly inventory, attack, and remediate network shares configured with excessive permissions assigned to SMB shares in Active Directory environments.

What is Reconnaissance in 'Hacking Terms'?

Cryptominers are one of the main cloud threats today. Detecting crypto miners is a complex task, but machine learning could help to develop a robust detection algorithm.

AWSGoat : A Damn Vulnerable AWS Infrastructure. Contribute to ine-labs/AWSGoat development by creating an account on GitHub.

The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the threat has been confined to attacker-accessib

A deep dive into an in-the-wild Android exploit Guest Post by Xingyu Jin, Android Security Research This is part one of a two-part guest...

Update History
Aug. 10, 2022
Adding clarifying details on activity involving active directory.
Aug. 10, 2022
Update made to the Cisco Response and Recommendations section related to MFA.

One of the most relevant techniques during the reconnaissance phase of an engagement is subdomain enumeration. This post aims to enhance this phase by including a special DNS node (ENT) and the NOERROR response code that is often ignored.

After months of dedicated research we cover a wide range of concealed code execution techniques and investigate their mechanisms and how to detect them.

A recently uncovered malware sample dubbed ‘Saitama’ was uncovered by security firm Malwarebytes in a weaponized document, possibly targeted towards the Jordan government. This Saitama implant uses DNS as its sole Command and Control channel and utilizes…

 &  (Microsoft Threat Intelligence Center) With special thanks to .   Microsoft’s threat intelligence teams are observing increasing use of password sprays as an attack vector. As sign-in protections have improved, the “low and slow” variant, has become more…

Fully dockerized Linux kernel debugging environment - GitHub - 0xricksanchez/like-dbg: Fully dockerized Linux kernel debugging environment

Claire Tills, senior research engineer at Tenable, describes the methods of the hacking group Lapsus$ as bold, illogical and poorly thought out. The criminals attacked renowned companies such as Microsoft, Samsung, Nvidia, Vodafone, Ubisoft and Okta. They…