Vulnerability scanner written in Go which uses the data provided by https://osv.dev - GitHub - google/osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Intro Normally, when a users backup their iOS device, the backup is saved into ~/Library/Application Support/MobileSync/Backup directory. The MobileSync directory is properly protected by TCC, as the backup can contain photos, contact information, everything…

A technical analysis where we use sentinel value to bypass the Latest Chrome v8 HardenProtect

Every week, almost without fail, I come across one thing that confuses, entertains, or most commonly infuriates me. I’ve decided to keep a…

TL;DR Istio is an open-source service mash that can layer over applications. Studying CVE-2021-34824 in Istio will allow us to dive into some concepts of Istio and service meshes in general. We...

CVE-2022-20958: Cisco BroadWorks CommPilot Application allows authenticated users to upload configuration files on the platform. The lack of file validation and a broken access control on the vulnerable upload serverlet allows any authenticated user to upload…

CVE-2022-20951: Cisco BroadWorks CommPilot Application exposes a servlet that allows the application to be used as an HTTP proxy server. The lack of validation of the the target URL and the lack of authentication protection allows an unauthenticated attacker…

DirtyCred Remastered: how to turn an UAF into Privilege Escalation

Disclaimer: as many other security researchers […]

As part of my internship at STAR Labs, I conducted n-day analysis of CVE-2020-6418. This vulnerability lies in the V8 engine of Google Chrome, namely its optimizing compiler Turbofan. Specifically, the vulnerable version is in Google Chrome’s V8 prior to…

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

Taking a look at the timeline leading up to exploitation of CVE-2022-35914 and the current state of attacks in the wild.

How enabling a single vulnerable feature removed the entire network and identity perimeter around internet-isolated Azure Cognitive Search instances.

Last week's news and how-tos in the art and science of Detection Engineering

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.

Laika helps companies manage compliance, obtain security certifications, and build trust with enterprise customers.

An open source append only database of known subdomains to discover, store and serve subdomains as fast as possible.

Isn’t there a better moment than the Holiday season to release a major update of our RDP Attack and Eavesdropping tool PyRDP? That’s right, pour yourself a little glass of eggnog, sit in a comfortable chair, put on some Christmas music and read about the…