The Threat Analysis Group shares new information on the commercial spyware vendor Variston.

Share your videos with friends, family, and the world

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.

How IBM Cloud caught us exploring its infrastructure and how a hardcoded secret eventually led to build artifact access and manipulation

Exciting news – we’ve released a new version of our CI/CD Goat CTF platform, a deliberately vulnerable CI/CD environment. We decided to release a new version with a shiny new challenge, after our previous 10 challenges were enthusiastically received and widely…

ONEKEY identifies a command injection bug in the M25 NAS from Asus. Read the latest Security Advisory here

This advisory contains information about the following vulnerabilities:
- OOB Accesses Using the Logging System

Last month, during Ekoparty, Blue Frost Security published a Windows challenge. Since having a Windows exploitation challenge, is one of a kind in CTFs, and since I’ve found the challenge interesting and very clever, I’ve decided to post about my reverse…

### Summary
An attacker could, through a link or website, take over the computer of a Visual Studio Code user and any computers they were connected to via the [Visual Studio Code Remote Developmen...

This post contains a chain of vulnerabilities I responsibly disclosed to Riot Games in November of 2016. I’m publicly disclosing it now as…

Leaders in Information Security

Aqua Nautilus discovers Redigo, new previously undetected Go-based malware that targets Redis servers to gain domination on the compromised machine

NVIDIA released a security update fixing 25 GPU display driver vulnerabilities that could lead to code execution, denial of service, and more.

Real-time HTTP Intrusion Detection. Contribute to kitabisa/teler development by creating an account on GitHub.