After months of dedicated research we cover a wide range of concealed code execution techniques and investigate their mechanisms and how to detect them.

A recently uncovered malware sample dubbed ‘Saitama’ was uncovered by security firm Malwarebytes in a weaponized document, possibly targeted towards the Jordan government. This Saitama implant uses DNS as its sole Command and Control channel and utilizes…

 &  (Microsoft Threat Intelligence Center) With special thanks to .   Microsoft’s threat intelligence teams are observing increasing use of password sprays as an attack vector. As sign-in protections have improved, the “low and slow” variant, has become more…

Fully dockerized Linux kernel debugging environment - GitHub - 0xricksanchez/like-dbg: Fully dockerized Linux kernel debugging environment

Claire Tills, senior research engineer at Tenable, describes the methods of the hacking group Lapsus$ as bold, illogical and poorly thought out. The criminals attacked renowned companies such as Microsoft, Samsung, Nvidia, Vodafone, Ubisoft and Okta. They…

How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.

CLI utilities to facilate system monitoring and malware analysis.

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.

Blackhat 2022, on its 25th anniversary, took place this week in Las Vegas, and also in its virtual format.

Research By: Slava Makkaveev Introduction Have you ever wondered if it is safe to make payments from a mobile device? Can a malicious app steal money from your digital wallet? According to the latest statistics, the Far East and China accounted for two-thirds…

Our security research led to the discovery of a flaw in a popular Apache2 authentication module. We come back on this case of parsing differential and how various languages behave when working with URLs.

Based on CVSS Score alone you cannot effectively prioritize issues without taking considerable risk. Other than the practically non-existent Low CVSS severity category all have numerous exploited vulnerabilities

Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.

Cisco Compromise - Insights from Cisco and the trails the attackers can leave in your logs.

The Car Last summer I bought a 2021 Hyundai Ioniq SEL. It is a nice fuel-efficient hybrid with a decent amount of features like wireless Android Auto/Apple CarPlay, wireless phone charging, heated seats, & a sunroof.
One thing I particularly liked about this…

Threats targeting cyberspace are becoming more prominent and intelligent day by day. This inherently leads to a dire demand for continuous security validation and testing. By combining the power of MITRE ATT&CK and MITRE Defend, security practitioners can…

Threatest is a Go framework for end-to-end testing of threat detection rules

Passive hostname, domain and IP lookup tool for non-robots - GitHub - pirxthepilot/wtfis: Passive hostname, domain and IP lookup tool for non-robots