AWS Organizations is a common service to run into in AWS environments. It's default behavior can make it a target for attackers.

Keeping up with security research is near impossible. ThinkstScapes helps with this. We scour through thousands of blog posts, tweets and conference proceedings to give you an overview of the work we think significantly moves the needle.

Programmable debugger. Contribute to osandov/drgn development by creating an account on GitHub.

Phylum uncovers a new campaign targeting Python developers. Malware authors surreptitiously replace cryptocurrency addresses in developer clipboards.

Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide benchmark for appra...

Substation is a toolkit for routing, normalizing, and enriching security event and audit logs. - brexhq/substation

Posted by u/carrotcypher - 372 votes and 241 comments

For decades, software vulnerabilities have remained an unsolvable security problem regardless of years of investment in various mitigations, hardening and fuzzing strategies. In the last years there have been moves to formal methods as a path toward better…

Shennina Framework - Automating Host Exploitation with AI.

Sigstore announced the general availability of its free and ecosystem-agnostic software signing service two weeks ago, giving developers a way to sign, verify and protect their software projects and the dependencies they rely on. Trail of Bits is absolutely…

This commercial malware is used to download and deploy additional malware and ransomware on infected machines. We analyzed the latest version

Quick look at a new stealer utilizing polyglot files

Dig deeper into the techniques used by attackers and the mitigations you should implement when ransomware on Azure affects you.

SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device. - SpyGuard/SpyGuard

CVE-2022-40843 CVE-2022-40845 CVE-2022-40847 CVE-2022-40844 CVE-2022-40846 CVE-2022-41395 CVE-2022-41396 CVE-2022-42053 CVE-2022-42058 CVE-2022-42060

Compromising Plesk via its REST API, CSRF, CORS misconfiguration, add db user, add backdoor, add secret token, cookieless CSRF

Windows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files, which evade warnings on attempts to execute packaged files, even if ZIP file was downloaded from the Internet.

The second article of this series outlines how an attacker can leverage the ability to forge arbitrary LQL queries to gain access to the NagVis component.