A Library for Detecting Known or Weak Secrets Across Many Web Frameworks

KillNet, a group that the US Department of Health and Human Services (DHHS) has called pro-Russia hacktivists, has been launching waves of attacks targeting governments and companies with focus on the healthcare sector. In this blog post, we provide an overview…

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. - GitHub - XaFF-XaFF/Black-Angel-Rootkit: Black Angel is a W...

Akamai researchers uncover and reverse engineer a new Go-based DDoS botnet.

ThreatLabz observed a new campaign targeting a Government organization in which the threat actors utilized a new Command & Control (C2) framework named Havoc

AhnLab Security Emergency response Center (ASEC) has recently discovered the ShellBot malware being installed on poorly managed Linux SSH servers. ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol…

A powerful technique for finding threats in Windows event logs.

This advisory contains information about the following vulnerabilities:
- Directory Traversal Arbitrary File Write Vulnerability

In this article, we′re going to discuss the CVE-2020-36620 vulnerability and see how a NuGet package for converting string to enum can make a C# application vulnerable to DoS attacks.

Mapping behaviors to auditd log events

JumpCloud is a Directory as a Service provider providing cloud native Directory service for cloud native companies. In a Red Team engagement or Pentest scenario, one may come across a API token which could have Administrative Privileges. Instead of going…

Terraform is the common tool if you work with IaC, but its security best practices must be followed carefully. This article provides that guidance.

Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to trick a server-side application to make a request to an unintended location. SSRF, unlike most other specific vulnerabilities, has gained its own spot on the OWASP Top 10 2021.…

A guide to managing multiple AWS Accounts using AWS Organizations and how to reduce blast radius by leveraging Delegated Administrator capabilities within AWS Organization to avoid usage of the management root account. This post covers security benefits…

A new Android banking trojan might be spreading under the name of Nexus. It is promoted via a MaaS subnoscription and it contains some relations with an already known SOVA banking trojan. Read the full article to know more about this new player in cybercrime.

Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.

The possibilities allowed by filter chains will never stop amazing us.

On February 8, 2023, the DKP token on the BNB chain was attacked. The attacker used the flash loan technique to exploit the contract.

Selefra means "select * from infrastructure". It is an open-source policy-as-code software that provides analysis for multi-cloud and SaaS environments, including over 30 services...