Information disclosure to GDPR breach? A Google tale…
https://ift.tt/JopCXje
Submitted February 10, 2023 at 10:26PM by lukeberner
via reddit https://ift.tt/pqGmZzD
https://ift.tt/JopCXje
Submitted February 10, 2023 at 10:26PM by lukeberner
via reddit https://ift.tt/pqGmZzD
Medium
Information disclosure or GDPR breach? A Google tale…
This is a vulnerability I reported back in April, 2022
LocalPotato - When Swapping The Context Leads You To SYSTEM
https://ift.tt/g2xsO5a
Submitted February 10, 2023 at 10:21PM by splinter_code
via reddit https://ift.tt/3YmEZnF
https://ift.tt/g2xsO5a
Submitted February 10, 2023 at 10:21PM by splinter_code
via reddit https://ift.tt/3YmEZnF
Localpotato
LocalPotato - When Swapping The Context Leads You To SYSTEM
Here we are again with our new *potato flavor, the LocalPotato! This was a cool finding so we decided to create this dedicated website ;)
FireFly : an advanced black-box fuzzer and not just a standard asset discovery tool
https://ift.tt/qQ3rGK6
Submitted February 11, 2023 at 02:29AM by hisxo
via reddit https://ift.tt/Pt6BxRH
https://ift.tt/qQ3rGK6
Submitted February 11, 2023 at 02:29AM by hisxo
via reddit https://ift.tt/Pt6BxRH
GitHub
GitHub - Brum3ns/firefly: Black box fuzzer for web applications
Black box fuzzer for web applications. Contribute to Brum3ns/firefly development by creating an account on GitHub.
Active Malware Campaign Targeting Popular Python Packages Underway
https://ift.tt/s6Qlbck
Submitted February 11, 2023 at 06:02AM by louis11
via reddit https://ift.tt/JTYhDbs
https://ift.tt/s6Qlbck
Submitted February 11, 2023 at 06:02AM by louis11
via reddit https://ift.tt/JTYhDbs
Phylum
Phylum Discovers Revived Crypto Wallet Address Replacement Attack
Phylum discovers over 451 unique malicious packages targeting popular PyPI packages like Selenium.
Understanding auditd logs for threat hunting
https://ift.tt/AWke2yr
Submitted February 11, 2023 at 01:07PM by InH4te
via reddit https://ift.tt/KkcTJfV
https://ift.tt/AWke2yr
Submitted February 11, 2023 at 01:07PM by InH4te
via reddit https://ift.tt/KkcTJfV
Medium
Linux auditd for Threat Detection [Part 2]
Part 1: Linux auditd for Threat Detection [Part 1]
GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
https://ift.tt/WXjFeU7
Submitted February 11, 2023 at 06:31PM by dwisiswant0
via reddit https://ift.tt/zfcUInx
https://ift.tt/WXjFeU7
Submitted February 11, 2023 at 06:31PM by dwisiswant0
via reddit https://ift.tt/zfcUInx
GitHub
GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom. - GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf ...
CHERIoT: Rethinking security for low-cost embedded systems - Microsoft Research
https://ift.tt/v4tiz75
Submitted February 12, 2023 at 03:00PM by Gallus
via reddit https://ift.tt/zXCce0S
https://ift.tt/v4tiz75
Submitted February 12, 2023 at 03:00PM by Gallus
via reddit https://ift.tt/zXCce0S
Microsoft Research
CHERIoT: Rethinking security for low-cost embedded systems - Microsoft Research
Small embedded cores have little area to spare for security features and yet must often run code written in unsafe languages and, increasingly, are exposed to the hostile Internet. CHERIoT (Capability Hardware Extension to RISC-V for Internet of Things)…
HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints, HalosGate and a synthetic trampoline on kernel32 with hardware breakpoints.
https://ift.tt/0mznCo1
Submitted February 12, 2023 at 09:46PM by Idov31
via reddit https://ift.tt/qVUOhYn
https://ift.tt/0mznCo1
Submitted February 12, 2023 at 09:46PM by Idov31
via reddit https://ift.tt/qVUOhYn
GitHub
GitHub - Dec0ne/HWSyscalls: HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline…
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. - GitHub - Dec0ne/HWSyscalls: HWSyscalls is a new method to execute i...
GitHub - Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
https://ift.tt/pXyOJZ8
Submitted February 13, 2023 at 02:11AM by JS_mkting
via reddit https://ift.tt/uo3U45Q
https://ift.tt/pXyOJZ8
Submitted February 13, 2023 at 02:11AM by JS_mkting
via reddit https://ift.tt/uo3U45Q
GitHub
GitHub - curated-intel/Ukraine-Cyber-Operations: Curated Intelligence is working with analysts from around the world to provide…
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory t...
ClamAV on Linux Systems
https://ift.tt/J0SG21F
Submitted February 13, 2023 at 08:43AM by bokage1
via reddit https://ift.tt/BJlWusd
https://ift.tt/J0SG21F
Submitted February 13, 2023 at 08:43AM by bokage1
via reddit https://ift.tt/BJlWusd
Medium
Antivirus On Linux System
Antivirus on Windows systems seems to be an essential since the beginning of time. Perhaps due to the large adoption of using Windows…
How curious are you?
https://ift.tt/YXEzM6t
Submitted February 12, 2023 at 04:04PM by NemanjaVas
via reddit https://ift.tt/LXb9Q3H
https://ift.tt/YXEzM6t
Submitted February 12, 2023 at 04:04PM by NemanjaVas
via reddit https://ift.tt/LXb9Q3H
RCE in Western Digital PR4100 NAS (OS 3)
https://ift.tt/VFgrDTY
Submitted February 13, 2023 at 04:57PM by albinowax
via reddit https://ift.tt/tOXBDHG
https://ift.tt/VFgrDTY
Submitted February 13, 2023 at 04:57PM by albinowax
via reddit https://ift.tt/tOXBDHG
Flashback Team
WEEKEND DESTROYER - RCE in Western Digital PR4100 NAS — Flashback Team
RCE with a plot twist.
Verified Security Test: Malicious File vs EDR
https://ift.tt/wvBTeNg
Submitted February 13, 2023 at 09:30PM by DH_Prelude
via reddit https://ift.tt/3bumn1X
https://ift.tt/wvBTeNg
Submitted February 13, 2023 at 09:30PM by DH_Prelude
via reddit https://ift.tt/3bumn1X
GitHub
GitHub - preludeorg/test: Verified Security Tests
Verified Security Tests. Contribute to preludeorg/test development by creating an account on GitHub.
How I hacked into a Telecom Network — Part 1 (Getting the RCE)
https://ift.tt/0e8VHFo
Submitted February 14, 2023 at 01:35AM by TheCyb3rAlpha
via reddit https://ift.tt/vp9KnqR
https://ift.tt/0e8VHFo
Submitted February 14, 2023 at 01:35AM by TheCyb3rAlpha
via reddit https://ift.tt/vp9KnqR
Medium
How I hacked into a Telecom Network — Part 1 (Getting the RCE)
TLDR; Red Team Engagement for a telecom company. Got a foothold on the company’s Network Monitoring System (NMS). Sorted reverse shell…
N.J. hospital admits data breach involving thousands of patients
https://ift.tt/CP3JltS
Submitted February 14, 2023 at 04:19AM by irckeyboardwarrior
via reddit https://ift.tt/THIf4qx
https://ift.tt/CP3JltS
Submitted February 14, 2023 at 04:19AM by irckeyboardwarrior
via reddit https://ift.tt/THIf4qx
nj
N.J. hospital admits data breach involving thousands of patients
More than a month after the attack, the hospital apologized to patients whose data may have been stolen.
Exploiting a remote heap overflow with a custom TCP stack
https://ift.tt/yZr24PD
Submitted February 14, 2023 at 10:48AM by Gallus
via reddit https://ift.tt/INfV9AG
https://ift.tt/yZr24PD
Submitted February 14, 2023 at 10:48AM by Gallus
via reddit https://ift.tt/INfV9AG
Synacktiv
Exploiting a remote heap overflow with a custom TCP stack
In November 2021 our team took part in the ZDI Pwn2Own Austin 2021 competition [1] with multiple entries.
HackDojo: search engine for top security conference presentations and whitepapers
https://ift.tt/q6EB72V
Submitted February 14, 2023 at 08:31PM by sea__tak
via reddit https://ift.tt/yEmX9Dl
https://ift.tt/q6EB72V
Submitted February 14, 2023 at 08:31PM by sea__tak
via reddit https://ift.tt/yEmX9Dl
HackDojo
HackDojo is a search engine for top conference presentations popular among engineers
A Different Payload for ManageEngine's CVE-2022-47966
https://ift.tt/xLhNQr9
Submitted February 14, 2023 at 08:25PM by chicksdigthelongrun
via reddit https://ift.tt/4jHRzsM
https://ift.tt/xLhNQr9
Submitted February 14, 2023 at 08:25PM by chicksdigthelongrun
via reddit https://ift.tt/4jHRzsM
A Different Payload for CVE-2022-47966 - Blog - VulnCheck
Exploring a memory resident payload for CVE-2022-47966.
How to deal with developers' fatigue? - Having a long list of vulnerabilities to fix
https://ift.tt/Qt1XkW0
Submitted February 14, 2023 at 09:37PM by MiguelHzBz
via reddit https://ift.tt/IPgmCtE
https://ift.tt/Qt1XkW0
Submitted February 14, 2023 at 09:37PM by MiguelHzBz
via reddit https://ift.tt/IPgmCtE
Sysdig
Vulnerability Prioritization - Combating Developer Fatigue
2023 still a challenge for developers to endure the fatigue of continually vulnerability prioritization and mitigating new threats.
Semgrep Code: SAST designed and built for engineers
https://ift.tt/zuNdkUx
Submitted February 14, 2023 at 10:36PM by iterablewords
via reddit https://ift.tt/QTbeyDB
https://ift.tt/zuNdkUx
Submitted February 14, 2023 at 10:36PM by iterablewords
via reddit https://ift.tt/QTbeyDB
Announcing Semgrep Code: SAST designed and built for engineers
Could Electric Vehicles Be Hacked? Meta-analysis on the risks of the EV ecosystem.
https://ift.tt/msHuhOF
Submitted February 15, 2023 at 07:47AM by UnexpectedLizard
via reddit https://ift.tt/gqaPWw5
https://ift.tt/msHuhOF
Submitted February 15, 2023 at 07:47AM by UnexpectedLizard
via reddit https://ift.tt/gqaPWw5
archive.is
Could Electric Vehicles Be Hacked? - WSJ
archived 14 Feb 2023 23:28:37 UTC