Adversary Simulation with Voice Cloning in Real Time, Part 1
https://ift.tt/lWHoG8f
Submitted March 17, 2023 at 09:06AM by kerberoast
via reddit https://ift.tt/uWfypFb
https://ift.tt/lWHoG8f
Submitted March 17, 2023 at 09:06AM by kerberoast
via reddit https://ift.tt/uWfypFb
Threat Blog
Adversary Simulation with Voice Cloning in Real Time, Part 1
Every day, blog posts and news articles warn us about the danger of artificial intelligence (AI) and how the technology behind it can be used by criminals to perform sophisticated attacks.
Our clients often ask, “Should we be worried?” Emerging technology…
Our clients often ask, “Should we be worried?” Emerging technology…
How to Google Dork a Specific Website for Hacking
https://ift.tt/dgeRDjK
Submitted March 17, 2023 at 05:43PM by josh252
via reddit https://ift.tt/TeiF1HA
https://ift.tt/dgeRDjK
Submitted March 17, 2023 at 05:43PM by josh252
via reddit https://ift.tt/TeiF1HA
StationX
How to Google Dork a Specific Website for Hacking
Not sure how to Google dork a specific website? Read this article to learn what Google dorking is, how to Google dork, and issues to pay attention to.
Chaos Malware - Persistence and Evasion Techniques
https://ift.tt/DEhARlo
Submitted March 17, 2023 at 07:39PM by MiguelHzBz
via reddit https://ift.tt/S3i1Y6C
https://ift.tt/DEhARlo
Submitted March 17, 2023 at 07:39PM by MiguelHzBz
via reddit https://ift.tt/S3i1Y6C
Sysdig
Chaos Malware Quietly Evolves Persistence and Evasion Techniques – Sysdig
We will go through the analysis of chaos malware based on our captured attacks with an emphasis on persistence techniques.
OpenSIPS Security Audit Report is fully disclosed and out there (VoIP security)
https://ift.tt/7l1gFoa
Submitted March 17, 2023 at 07:25PM by EnableSecurity
via reddit https://ift.tt/eBqgiSA
https://ift.tt/7l1gFoa
Submitted March 17, 2023 at 07:25PM by EnableSecurity
via reddit https://ift.tt/eBqgiSA
Enablesecurity
OpenSIPS Security Audit Report is fully disclosed and out there
The full OpenSIPS Security Audit report is published, with all details on how to reproduce the vulnerabilities found, root cause analysis and methodology used
18 Remote and Silent Zero Day RCEs/Baseband Exploits for Samsung Exynos
https://ift.tt/NHqQTho
Submitted March 17, 2023 at 04:40AM by BinkReddit
via reddit https://ift.tt/aEYZ1sN
https://ift.tt/NHqQTho
Submitted March 17, 2023 at 04:40AM by BinkReddit
via reddit https://ift.tt/aEYZ1sN
Blogspot
Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
Posted by Tim Willis, Project Zero Note: Until security updates are available, users who wish to protect themselves from the baseband ...
Bypassing PPL in userland again
https://ift.tt/YgsSzWC
Submitted March 17, 2023 at 09:35PM by IIIWeedWizard420III
via reddit https://ift.tt/vG8nPSm
https://ift.tt/YgsSzWC
Submitted March 17, 2023 at 09:35PM by IIIWeedWizard420III
via reddit https://ift.tt/vG8nPSm
Undocumented behavior change in Android 10: mode "w" no longer truncates
https://ift.tt/QXISPfC
Submitted March 18, 2023 at 06:10PM by Gallus
via reddit https://ift.tt/F2wOx5Y
https://ift.tt/QXISPfC
Submitted March 18, 2023 at 06:10PM by Gallus
via reddit https://ift.tt/F2wOx5Y
VBA: resolving exports in runtime without NtQueryInformationProcess or GetProcAddress
https://ift.tt/RBj2Z4X
Submitted March 18, 2023 at 10:28PM by gid0rah
via reddit https://ift.tt/8Z62Upv
https://ift.tt/RBj2Z4X
Submitted March 18, 2023 at 10:28PM by gid0rah
via reddit https://ift.tt/8Z62Upv
VBA: resolving exports in runtime without NtQueryInformationProcess or GetProcAddress |
VBA: resolving exports in runtime without NtQueryInformationProcess or GetProcAddress | AdeptsOf0xCC
Combination of small snippets of code to simulate getprocaddress avoiding dangerous functions
'Acropalypse' vulnerability recovers cropped screenshots on all Google Pixel phones
https://ift.tt/DhiSk5B
Submitted March 19, 2023 at 04:31AM by knoy
via reddit https://ift.tt/9PobnLG
https://ift.tt/DhiSk5B
Submitted March 19, 2023 at 04:31AM by knoy
via reddit https://ift.tt/9PobnLG
Armadillophone
Acropalypse vulnerability reveals your screenshots
Your phone is under constant attack from criminals, corporations and foreign governments.
Large monthly list of popular websites, extracted from Chrome UX Reports
https://ift.tt/tgzr7sI
Submitted March 19, 2023 at 03:18PM by neathack
via reddit https://ift.tt/fNubjcz
https://ift.tt/tgzr7sI
Submitted March 19, 2023 at 03:18PM by neathack
via reddit https://ift.tt/fNubjcz
GitHub
GitHub - crissyfield/crux-dumps: 📝 This repository contains dumps of the monthly "Chrome UX Report" (CrUX) datasets.
📝 This repository contains dumps of the monthly "Chrome UX Report" (CrUX) datasets. - GitHub - crissyfield/crux-dumps: 📝 This repository contains dumps of the monthly "Ch...
Got my OSCP!
https://ift.tt/x4NGcsP
Submitted March 19, 2023 at 06:02PM by andy-codes
via reddit https://ift.tt/etWXuRL
https://ift.tt/x4NGcsP
Submitted March 19, 2023 at 06:02PM by andy-codes
via reddit https://ift.tt/etWXuRL
Bitwarden PINs can be brute-forced, a how-to and reason for stronger master passwords.
https://ift.tt/10GmJ5A
Submitted March 19, 2023 at 09:55PM by AverageCowboyCentaur
via reddit https://ift.tt/x2nGzjs
https://ift.tt/10GmJ5A
Submitted March 19, 2023 at 09:55PM by AverageCowboyCentaur
via reddit https://ift.tt/x2nGzjs
Obfuscating WebAssembly using Emnoscripten with an LLVM-based obfuscator
https://ift.tt/GkWhQR2
Submitted March 20, 2023 at 01:23PM by Hawkis98
via reddit https://ift.tt/YApPODq
https://ift.tt/GkWhQR2
Submitted March 20, 2023 at 01:23PM by Hawkis98
via reddit https://ift.tt/YApPODq
GitHub
GitHub - HakonHarnes/emcc-obf: Modified Emnoscripten compiler with LLVM-level obfuscation
Modified Emnoscripten compiler with LLVM-level obfuscation - HakonHarnes/emcc-obf
Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research | Datadog Security Labs
https://ift.tt/WuEm5J4
Submitted March 20, 2023 at 07:39PM by RedTermSession
via reddit https://ift.tt/NTl051P
https://ift.tt/WuEm5J4
Submitted March 20, 2023 at 07:39PM by RedTermSession
via reddit https://ift.tt/NTl051P
Datadoghq
Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research
Public disclosure of CloudTrail bypass in AWS Service Catalog and other logging research.
Persistence – Service Control Manager
https://ift.tt/Bey0F8x
Submitted March 20, 2023 at 09:48PM by netbiosX
via reddit https://ift.tt/3NaECwg
https://ift.tt/Bey0F8x
Submitted March 20, 2023 at 09:48PM by netbiosX
via reddit https://ift.tt/3NaECwg
Penetration Testing Lab
Persistence – Service Control Manager
The service control manager (SCM) is responsible to start and stop services in windows environments including device drivers and start up applications. Microsoft introduced in Windows 2000 and late…
Attackers are starting to target .NET developers with malicious-code NuGet packages
https://ift.tt/ZBLEkfO
Submitted March 20, 2023 at 08:59PM by n0llbyte
via reddit https://ift.tt/LYCQ2Mg
https://ift.tt/ZBLEkfO
Submitted March 20, 2023 at 08:59PM by n0llbyte
via reddit https://ift.tt/LYCQ2Mg
JFrog
Attackers are starting to target .NET developers with malicious-code NuGet packages | JFrog
Update 2023-03-21 – We’ve talked with members of the NuGet team and they had already detected and removed the malicious packages in question. Malicious packages are often spread by the open source NPM and PyPI package repositories, with few other repositories…
New tool to detect use of known secrets in web frameworks - Badsecrets
https://ift.tt/a8bHJE3
Submitted March 20, 2023 at 11:42PM by L1QU1DF1R3
via reddit https://ift.tt/zgnoq0Y
https://ift.tt/a8bHJE3
Submitted March 20, 2023 at 11:42PM by L1QU1DF1R3
via reddit https://ift.tt/zgnoq0Y
Blacklanternsecurity
Introducing Badsecrets
A Library for Detecting Known or Weak Secrets Across Many Web Frameworks
KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks
https://ift.tt/9BNJrSX
Submitted March 20, 2023 at 11:05PM by SCI_Rusher
via reddit https://ift.tt/QsdrlzU
https://ift.tt/9BNJrSX
Submitted March 20, 2023 at 11:05PM by SCI_Rusher
via reddit https://ift.tt/QsdrlzU
Microsoft News
KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks
KillNet, a group that the US Department of Health and Human Services (DHHS) has called pro-Russia hacktivists, has been launching waves of attacks targeting governments and companies with focus on the healthcare sector. In this blog post, we provide an overview…
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
https://ift.tt/709Lrvy
Submitted March 21, 2023 at 12:20AM by XaFF-XaFF
via reddit https://ift.tt/Oz1itfh
https://ift.tt/709Lrvy
Submitted March 21, 2023 at 12:20AM by XaFF-XaFF
via reddit https://ift.tt/Oz1itfh
GitHub
GitHub - XaFF-XaFF/Black-Angel-Rootkit: Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled…
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. - GitHub - XaFF-XaFF/Black-Angel-Rootkit: Black Angel is a W...
Uncovering HinataBot: A Deep Dive into a Go-Based Threat
https://ift.tt/OaQ36sz
Submitted March 21, 2023 at 08:25AM by montouesto
via reddit https://ift.tt/9t0mbH4
https://ift.tt/OaQ36sz
Submitted March 21, 2023 at 08:25AM by montouesto
via reddit https://ift.tt/9t0mbH4
Akamai
Uncovering HinataBot: A Deep Dive into a Go-Based Threat | Akamai
Akamai researchers uncover and reverse engineer a new Go-based DDoS botnet.
Havoc Across the Cyberspace
https://ift.tt/EwmyQVq
Submitted March 21, 2023 at 08:24AM by montouesto
via reddit https://ift.tt/7UixQuR
https://ift.tt/EwmyQVq
Submitted March 21, 2023 at 08:24AM by montouesto
via reddit https://ift.tt/7UixQuR
Zscaler
Havoc Across the Cyberspace
ThreatLabz observed a new campaign targeting a Government organization in which the threat actors utilized a new Command & Control (C2) framework named Havoc