June 2023 Update — Hardwear.io Conference Talk:

Aqua discusses how Tracee monitors for the Dirty Pipe vulnerability and how in-kernel technology like eBPF monitors writes that result from it

Mitigate the risk of isolation escape with a new framework for modeling and improving tenant isolation in cloud SaaS and PaaS.

A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass...

Tl;dr : This article is analysis of over 50 submissions for a JavaScript integer overflow challenge. Many submissions did not address the root cause. A range check on the input as well as arithmetic output using a right data type can eliminate the vulnerability.…

Talks/WorkshopsThe BSidesSF 2023 CFP is now closed. Check back for updated deadlines for accepted presenters. January 24, 2023 – Notifications on talk/workshop acceptance/rejection start bei...

First time anti-debug techniques are discovered in PyPI malware. Read how these techniques are implemented, including analysis and tips from JFrog Security Research.

An international operation targeting tools and services used to commit serious cyber attacks has seen the takedown of 48 of the world’s most popular ‘booter’ sites.

Earlier this year, the SEC Consult Vulnerability Lab published a technical security advisory on different critical vulnerabilities in Zyxel devices, resulting from insecure coding practices and insecure configuration. Those also included a highly critical…

We chose to investigate the services provided by LEGO, perhaps the most famous toy manufacturer in the world – because we contend this example sheds light on the reality of quick adoption of APIs and the risks that can come with that fast pace.

The venerable cryptographic hash function has vulnerabilities that make its further use inadvisable.

Musk has boasted of entrapping a Tesla leaker by watermarking emails, and he is threatening any dissidents still at Twitter.

Summary A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines. Credit An independent…

Introduction This is the second part of our Decentralized Identity (DID) blog series. In case you’re not familiar with DID concepts, we highly encourage you to start with the first part. This time...

Author, test and deploy security tests. Contribute to preludeorg/build development by creating an account on GitHub.

OSCP 2022

TL;DR The modern frameworks are often very flexible with what they accept, and will happily treat a POST with a JSON body as interchangeable with a URL encoded body, or even with query parameters. Due to this, an unexploitable JSON XSS vector can sometimes…

IDA plugin which queries OpenAI's gpt-3.5-turbo language model to speed up reverse-engineering - GitHub - JusticeRage/Gepetto: IDA plugin which queries OpenAI's gpt-3.5-turbo langua...

TPMS Tracking