Typhooncon's 2023 Call for Papers is open for submissions!
https://ift.tt/jYanc7Z
Submitted March 22, 2023 at 09:52PM by Marsy_star
via reddit https://ift.tt/wj5Pc8a
Malicious Actors Use Unicode Support in Python to Evade Detection
https://ift.tt/2nMSNGs
Submitted March 22, 2023 at 10:56PM by louis11
via reddit https://ift.tt/DOACip1
blog.phylum.io
Malicious Actors Use Unicode Support in Python to Evade Detection
Phylum uncovers a threat actor taking advantage of how the Python interpreter handles Unicode to obfuscate their malware.
Brute Ratel Analysis
https://ift.tt/5tC4rhb
Submitted March 23, 2023 at 01:51AM by Diesl
via reddit https://ift.tt/80ijDoh
YARA rule for rapid detection of PNG images affected by Acropalypse - CVE-2023-21036
https://ift.tt/cVHYxBf
Submitted March 23, 2023 at 12:53AM by fede_k
via reddit https://ift.tt/WTdzMrO
GitHub
GitHub - infobyte/CVE-2023-21036: Detection and sanitization for Acropalypse Now - CVE-2023-21036
Detection and sanitization for Acropalypse Now - CVE-2023-21036 - infobyte/CVE-2023-21036
Detecting Unlinked Windows Services with Volatility 3
https://ift.tt/UMWhE09
Submitted March 23, 2023 at 02:02AM by transt
via reddit https://ift.tt/qU4Dh8Y
Blogspot
Memory Forensics R&D Illustrated: Detecting Hidden Windows Services
As mentioned in a recent blog post, our team is once again offering in-person training, and we have substantially updated our course for th...
Harvesting Logs for Fun and Profit
https://ift.tt/WkQANdC
Submitted March 23, 2023 at 06:29AM by DevSec23
via reddit https://ift.tt/vUozxe2
beny23.github.io
Harvesting Logs for Fun and Profit
From a security point of view, application logs are two-sided. On the one hand, it is really important to have good observability, to find out what is happening and what has happened. On the other hand, we don’t want to leak sensitive information. In this…
Veeam Backup and Replication CVE-2023-27532 Deep Dive and Linux POC Exploit
https://ift.tt/i6GEDrs
Submitted March 23, 2023 at 06:09PM by scopedsecurity
via reddit https://ift.tt/gi17pdr
Horizon3.ai
Veeam Backup and Replication CVE-2023-27532 Deep Dive
Introduction Veeam has recently released an advisory for CVE-2023-27532 for Veeam Backup and Replication which allows an unauthenticated user with access to the Veeam backup service (TCP 9401 by default) to request cleartext credentials. Other’s have provides…
Remarks on “Chat Control”
https://ift.tt/PFiZyMX
Submitted March 23, 2023 at 08:21PM by feross
via reddit https://ift.tt/NIPs7KF
A Few Thoughts on Cryptographic Engineering
Remarks on “Chat Control”
On March 23 I was invited to participate in a panel discussion at the European Internet Services Providers Association (EuroISPA). The focus of this discussion was on recent legislative proposals, …
Joomla! CVE-2023-23752 to Code Execution
https://ift.tt/9LX7RAB
Submitted March 23, 2023 at 07:58PM by chicksdigthelongrun
via reddit https://ift.tt/Y9VGAKc
Joomla! CVE-2023-23752 to Code Execution - Blog - VulnCheck
CVE-2023-23752 is an information leak affecting Joomla! 4.0 - 4.7. How can an attacker use this vulnerability to achieve code execution? How many internet-facing systems are at risk?
SHA-1 gets SHAttered — A deep dive into why it was retired
https://ift.tt/OSYrCzw
Submitted March 23, 2023 at 11:20PM by Ecmoy
via reddit https://ift.tt/2c7qvTR
Evervault
SHA-1 gets SHAttered — Blog — Evervault
Theoretical attacks on SHA-1 have become practical. SHA-1 should be deprecated everywhere.
iMessage and OpenGraph for Fun and Profit
https://ift.tt/zG50WDp
Submitted March 24, 2023 at 05:24AM by nobodyhome5nxc
via reddit https://ift.tt/l1kRfpy
NAPLISTENER: more bad dreams from developers of SIESTAGRAPH
https://ift.tt/wcuUKDa
Submitted March 24, 2023 at 09:45AM by montouesto
via reddit https://ift.tt/kgqrbVt
Elastic Blog
NAPLISTENER: more bad dreams from developers of SIESTAGRAPH
Elastic Security Labs observes that the threat behind SIESTAGRAPH has shifted priorities from data theft to persistent access, deploying new malware like NAPLISTENER to evade detection.
ChinaZ DDoS Bot Malware Distributed to Linux SSH Servers
https://ift.tt/AZf49Ky
Submitted March 24, 2023 at 09:12AM by montouesto
via reddit https://ift.tt/0FYhmUk
ASEC BLOG
ChinaZ DDoS Bot Malware Distributed to Linux SSH Servers - ASEC BLOG
AhnLab Security Emergency response Center (ASEC) has recently discovered the ChinaZ DDoS Bot malware being installed on inadequately managed Linux SSH servers. As one of the Chinese threat groups that were first discovered around 2014, the ChinaZ group installs…
GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository
https://ift.tt/A1pPycg
Submitted March 24, 2023 at 12:23PM by eaglex
via reddit https://ift.tt/g9ZPu2n
The GitHub Blog
We updated our RSA SSH host key | The GitHub Blog
At approximately 05:00 UTC on March 24, out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com.
Remote unauthenticated system and cloud takeover found in major AI tool
https://ift.tt/fBVneks
Submitted March 24, 2023 at 05:24PM by FlyingTriangle
via reddit https://ift.tt/CEyvZq1
Protectai
Hacking AI: System Takeover in MLflow Strikes Again (And Again)
2 patch bypasses found for severe MLflow LFI/RFI vulnerability
All patched in MLflow version 2.2.3
Protect AI’s vulnerability scanning and exploit tools updated with bypasses
cariddi v1.3.1 is out🥳
https://ift.tt/wI3PKrm
Submitted March 24, 2023 at 07:36PM by edoardottt
via reddit https://ift.tt/E96eyCc
GitHub
GitHub - edoardottt/cariddi: Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more - GitHub - edoardottt/cariddi: Take a list of domains, crawl urls and scan for endpoin...
Improper Privilege Management in Grails Spring Security Core <= 5.1.0 CVE-2022-41923 - Synacktiv [PDF]
https://ift.tt/40MbEsw
Submitted March 24, 2023 at 07:09PM by Gallus
via reddit https://ift.tt/x2cQVIw
Top 10 Mobile App Security Risks #1 — Improper Platform Usage on Android
https://ift.tt/rJNQhd2
Submitted March 24, 2023 at 08:36PM by RikoTheMachete
via reddit https://ift.tt/qlpCB4v
Medium
Top 10 Mobile App Security Risks #1 — Improper Platform Usage on Android
The first article in a series dedicated to the OWASP Mobile Top 10 — a comprehensive list of the most common and significant security…
Have you ever heard of apk.sh? It makes reverse engineering Android apps easier.
https://ift.tt/GFdoUBS
Submitted March 24, 2023 at 11:13PM by FipoKa
via reddit https://ift.tt/60xsDgw
GitHub
GitHub - ax/apk.sh: apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding…
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. - GitHub - ax/apk.sh: apk.sh makes reverse engineering...
2023 Red Canary Threat Detection Report
https://ift.tt/P4ca0EB
Submitted March 25, 2023 at 01:49AM by RedCanaryCo
via reddit https://ift.tt/ZpHxWfq
Red Canary
2023 Red Canary Threat Detection Report
View our latest threat report to learn about the top cyber threats, MITRE ATT&CK® techniques, and detection trends from the year.
Twitter Removed My Two-Factor Authentication Without Notice
https://ift.tt/c7eA5n8
Submitted March 25, 2023 at 03:33AM by Slapbox
via reddit https://ift.tt/36SUalh
Hacked.com
Twitter Removed My Two-Factor Authentication Without Notice
I woke up to a shocking email today. Twitter had turned off my two-factor authentication without my knowledge or approval.