Fog of War - How the Ukraine Conflict Transformed the Cyber Threat Landscape
https://ift.tt/adBXl9U
Submitted March 08, 2023 at 08:05PM by mycall
via reddit https://ift.tt/lxctUhf
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to Remote Code Execution
https://ift.tt/1ZnrjCh
Submitted March 08, 2023 at 09:38PM by ilay789
via reddit https://ift.tt/EvD0Cmi
Aqua
CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE
Aqua Research revealed a chain of vulnerabilities CVE-2023-27898, CVE-2023-27905 in Jenkins Server & Update Center which could lead to a complete compromise
Jailbreaking LLM (ChatGPT) Sandboxes Using Linguistic Hacks
https://ift.tt/rqnbsME
Submitted March 09, 2023 at 01:15AM by alxjsn
via reddit https://ift.tt/Y9kVDdQ
Forces Unseen
Jailbreaking LLM (ChatGPT) Sandboxes Using Linguistic Hacks
Practical LLM prompt hacking
The Threat on Your Desk: Building an Evil USB-C Dock
https://ift.tt/b9p7hyi
Submitted March 09, 2023 at 06:51AM by Acceptable-Doubt-878
via reddit https://ift.tt/UISQvZq
Aura Research Division
The Threat on Your Desk: Building an Evil USB-C Dock
BadUSB attacks have been a threat for years, but is the USB-C dock sitting on your desk the latest threat in disguise?
Phineas Fisher's Hacktivist Writeups and Guides
https://ift.tt/QKa5S1T
Submitted March 09, 2023 at 04:52PM by gabriel_schneider
via reddit https://ift.tt/F5SOQRp
The Anarchist Library
Phineas Fisher
Pwning Akuvox E11 Smart Intercom
https://ift.tt/K54nHyI
Submitted March 10, 2023 at 12:30AM by sh0n1z
via reddit https://ift.tt/YxrJ1hK
Claroty
The Silent Spy Among Us: Smart Intercom Attacks
EJS - Server Side Prototype Pollution gadgets to RCE
https://ift.tt/n2N5JX6
Submitted March 10, 2023 at 05:14AM by Gallus
via reddit https://ift.tt/XbNPiZy
mizu.re
EJS - Server Side Prototype Pollution gadgets to RCE. Tags: Article - Article - Web - SSPP
I know what pizza you ordered!
https://dfworks.xyz/blog/pizza_order/
Submitted March 10, 2023 at 01:41PM by df_works
via reddit https://ift.tt/4KxVzaS
dfworks.xyz
I know what pizza you ordered! | DFWORKS | Online Threat Mitigation
Preventing damages caused by cyberattackers, online disinformation distributors and propagandists.
Infra-Red, In Situ (IRIS) Inspection of Silicon
https://ift.tt/Eh9Kmpu
Submitted March 10, 2023 at 02:17PM by Gallus
via reddit https://ift.tt/nDvmReh
Acronis gets embarrassed by 'bored' hacker
https://ift.tt/v5zS8hf
Submitted March 10, 2023 at 03:47PM by MenuParking7693
via reddit https://ift.tt/w2WB0ZK
Hack Watcher
Acronis gets embarrassed by 'bored' hacker
Acronis, a company that claims to be a global leader in cyber protection, has suffered a high profile password compromise. How hard should it be to hack Acronis? Well let me answer that question with some stats on Acronis:
The oldest privesc: injecting careless administrators’ terminals using TTY pushback
https://ift.tt/PwkcbTA
Submitted March 10, 2023 at 06:08PM by gquere
via reddit https://ift.tt/ypAIvS5
Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
https://ift.tt/pu2ixq3
Submitted March 10, 2023 at 08:24AM by SeanPesce
via reddit https://ift.tt/DwpvMGa
Blogspot
Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
TL;DR The ssh-keygen command can be used to load a shared library with the -D flag. This can be useful for privilege ...
Unauthorized access to organization secrets in GitHub
https://ift.tt/gfe5VUr
Submitted March 10, 2023 at 09:24PM by albinowax
via reddit https://ift.tt/yq5I0ad
Ophion Security
Unauthorized access to organization secrets in GitHub — Ophion Security
A security issue in GitHub's Security Advisory feature allowed researchers to access ANY organization's codespace secrets without authorization.
Bypassing Asymmetric Client Side Encryption Without Private Key by @Ano_F_
https://ift.tt/JodhWRy
Submitted March 11, 2023 at 03:09AM by Ano_F
via reddit https://ift.tt/Fibwg8h
Medium
Bypassing Asymmetric Client Side Encryption Without Private Key
Bypassing Asymmetric Encryption Without Private Key using Chrome and PyCript
Fixing cringeworthy bugs in the OpenBSD console code
https://ift.tt/8WIypHr
Submitted March 11, 2023 at 07:35AM by Gallus
via reddit https://ift.tt/Q3N65uI
WebGL fuzzer based on IDL definition by @ant4g0nist
https://ift.tt/Z6DHuKk
Submitted March 11, 2023 at 04:36PM by ant4g0nist
via reddit https://ift.tt/WtyBQJF
GitHub
GitHub - ant4g0nist/webgl-fuzzer: WebGL fuzzer
WebGL fuzzer. Contribute to ant4g0nist/webgl-fuzzer development by creating an account on GitHub.
A Comprehensive Synopsis of 217 Subdomain Takeover Reports - by Cyjax researcher @_nynan
https://ift.tt/ZOWHoNx
Submitted March 11, 2023 at 06:13PM by ObscureError
via reddit https://ift.tt/ALKV9wB
Cyjax
A comprehensive synopsis of 217 subdomain takeover reports
We are living in extraordinary times. Global conflict has moved from peace time to war footing which is being enhanced by civilian armies of ‘pseudo authorised and encouraged’ cyber volunteers. In addition to this merger between civilian and military, the…
🏄♂️ ProtoDeep - Decode and analyze protobuf efficiently
https://ift.tt/R1yCBm4
Submitted March 11, 2023 at 08:22PM by mxrchreborn
via reddit https://ift.tt/y9GE1MI
GitHub
GitHub - mxrch/ProtoDeep: 🏄♂️ Decode and analyze protobuf efficiently.
🏄♂️ Decode and analyze protobuf efficiently. Contribute to mxrch/ProtoDeep development by creating an account on GitHub.
Crawlector - A threat hunting framework designed for scanning websites for malicious objects.
https://ift.tt/8b3mER5
Submitted March 12, 2023 at 03:58AM by MFMokbel
via reddit https://ift.tt/4peKWnC
GitHub
GitHub - MFMokbel/Crawlector: Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
Crawlector is a threat hunting framework designed for scanning websites for malicious objects. - GitHub - MFMokbel/Crawlector: Crawlector is a threat hunting framework designed for scanning website...
New Cosmos Blockchain API DoS
https://ift.tt/lM5TJze
Submitted March 12, 2023 at 06:31AM by SharpAd1823
via reddit https://ift.tt/2ILPvHX
Livejournal
New Cosmos Blockchain API DoS
Author : https://twitter.com/123456 A critical remote Denial-of-Service (DoS) vulnerability has been identified in Tendermint, which currently serves as the underlying technology powering a significant portion of the blockchain APIs in the Cosmos ecosystem.…
Clipchamp (Microsoft Office Product) - Google IAP Authorization bypass allowed access to Internal Environment Leading to Zero Interaction Account takeover
https://ift.tt/l1r2BdK
Submitted March 12, 2023 at 04:34PM by vikzsharma
via reddit https://ift.tt/hdSoXBu
Agilehunt
Clipchamp (Microsoft Office Product) - Google IAP Authorization bypass allowed access to Internal Environment Leading to Zero…
Before getting started: the reported product, Clipchamp, is not under the scope for MSRC bug bounty rewards, so don't waste your precious time on this asset if monetary reward is your goal.
Vulnerability Description
While the security research and analyzing the assets…