Awesome Hacker Search Engines
https://ift.tt/R6pm4Xl
Submitted April 11, 2023 at 08:51PM by edoardottt
via reddit https://ift.tt/CpZ3YvR
https://ift.tt/R6pm4Xl
Submitted April 11, 2023 at 08:51PM by edoardottt
via reddit https://ift.tt/CpZ3YvR
GitHub
GitHub - edoardottt/awesome-hacker-search-engines: A curated list of awesome search engines useful during Penetration testing,…
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more - GitHub - edoardottt/awesome-hacker-search-engi...
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
https://ift.tt/Ttfk7mO
Submitted April 11, 2023 at 10:47PM by SCI_Rusher
via reddit https://ift.tt/5RHy1lj
https://ift.tt/Ttfk7mO
Submitted April 11, 2023 at 10:47PM by SCI_Rusher
via reddit https://ift.tt/5RHy1lj
Microsoft Security Blog
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast…
Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure…
Running An Adversary Emulation Exercise
https://ift.tt/0aDhmfp
Submitted April 12, 2023 at 06:09AM by Diesl
via reddit https://ift.tt/KdwlIDq
https://ift.tt/0aDhmfp
Submitted April 12, 2023 at 06:09AM by Diesl
via reddit https://ift.tt/KdwlIDq
Culbert Report
Adversary Emulation Exercises
Running An Adversary Emulation Exercise Adversary emulation can take many forms, but it will always have the same end goal. Helping companies come away knowing how to defend themselves better. You can bypass every defense and find every flaw but if they don’t…
[CVE-2023-21554] MSMQ (tcp/1801) Remote Code Execution (CVSS 9.8)
https://ift.tt/2eHnw8T
Submitted April 12, 2023 at 01:39PM by qwerty0x41
via reddit https://ift.tt/gW5JqZX
https://ift.tt/2eHnw8T
Submitted April 12, 2023 at 01:39PM by qwerty0x41
via reddit https://ift.tt/gW5JqZX
Rooting a Common-Criteria Certified Printer to Improve OPSEC
https://ift.tt/EYLDOmV
Submitted April 12, 2023 at 05:55PM by RedTeamPentesting
via reddit https://ift.tt/4QIdswz
https://ift.tt/EYLDOmV
Submitted April 12, 2023 at 05:55PM by RedTeamPentesting
via reddit https://ift.tt/4QIdswz
RedTeam Pentesting - Blog
Rooting a Common-Criteria Certified Printer to Improve OPSEC
Besides conducting penetration tests, we also attend to maintenance tasks of our internal infrastructure in order to have all systems being involved in our everyday work meet our specified requirements. One of these systems is the printer that we use …
Following the Lazarus group by tracking DeathNote campaign
https://ift.tt/PEIXqNb
Submitted April 12, 2023 at 07:57PM by EspoJ
via reddit https://ift.tt/Pn5WsQ2
https://ift.tt/PEIXqNb
Submitted April 12, 2023 at 07:57PM by EspoJ
via reddit https://ift.tt/Pn5WsQ2
Securelist
Following the Lazarus group by tracking DeathNote campaign
The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. In this blog, we’ll focus on an active cluster that we dubbed DeathNote.
Shell in the Ghost: Ghostnoscript CVE-2023-28879 writeup
https://ift.tt/gpBNKfY
Submitted April 11, 2023 at 07:08PM by AlmondOffSec
via reddit https://ift.tt/ndhu8SF
https://ift.tt/gpBNKfY
Submitted April 11, 2023 at 07:08PM by AlmondOffSec
via reddit https://ift.tt/ndhu8SF
An emperical and practical guide to LLM hacking
https://ift.tt/aB7PHs3
Submitted April 12, 2023 at 10:09PM by alxjsn
via reddit https://ift.tt/FlGX4KN
https://ift.tt/aB7PHs3
Submitted April 12, 2023 at 10:09PM by alxjsn
via reddit https://ift.tt/FlGX4KN
Doublespeak.chat
A text-based AI escape game by Forces Unseen.
Hi! We're recruiting for a US Remote, Full-Time, Principal Security Researcher to join our client's Security Research team to work on O-day research. Requirements: Java web application exploitation experience at a senior level (7 plus years in security). More info and comp in link below.
https://ift.tt/XwYGCtU
Submitted April 13, 2023 at 04:25AM by dawnsaenz
via reddit https://ift.tt/mwHciWK
https://ift.tt/XwYGCtU
Submitted April 13, 2023 at 04:25AM by dawnsaenz
via reddit https://ift.tt/mwHciWK
Attackers can now plant "prompt injections" in a website the user is visiting, which silently turns Bing Chat into a Social Engineer who seeks out and exfiltrates personal information
https://ift.tt/5plHFvI
Submitted April 13, 2023 at 11:26AM by aknalid
via reddit https://ift.tt/1EUOud8
https://ift.tt/5plHFvI
Submitted April 13, 2023 at 11:26AM by aknalid
via reddit https://ift.tt/1EUOud8
Leaking Remote Memory Contents on SecurePoint’s UTM Firewall (CVE-2023-22897)
https://ift.tt/PAdY32t
Submitted April 13, 2023 at 12:30PM by albinowax
via reddit https://ift.tt/Em1INdK
https://ift.tt/PAdY32t
Submitted April 13, 2023 at 12:30PM by albinowax
via reddit https://ift.tt/Em1INdK
WhatsApp adds key transparency for all users to strengthen the security of end-to-end encrypted messaging
https://ift.tt/1EU5jfp
Submitted April 13, 2023 at 06:35PM by snowboardfreak63
via reddit https://ift.tt/Z5WVOLI
https://ift.tt/1EU5jfp
Submitted April 13, 2023 at 06:35PM by snowboardfreak63
via reddit https://ift.tt/Z5WVOLI
Engineering at Meta
Deploying key transparency at WhatsApp
With key transparency, WhatsApp provides a set of proofs that affirms the correctness of public encryption keys.
Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor
https://ift.tt/z5HwXqn
Submitted April 13, 2023 at 05:25PM by montouesto
via reddit https://ift.tt/lGUyLTO
https://ift.tt/z5HwXqn
Submitted April 13, 2023 at 05:25PM by montouesto
via reddit https://ift.tt/lGUyLTO
Fortinet Blog
Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor | FortiGuard Labs
FortiGuard Labs highlights the technical details of a multi-staged cyberattack used in the Russian-Ukrainian conflict, as well as some strange artifacts that could be work-in-progress or part of a …
Vare - New specific info stealer for Discord & iniltrating the fledgling crime group that created it.
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:15PM by CyberArkLabs
via reddit https://ift.tt/wZbtxWH
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:15PM by CyberArkLabs
via reddit https://ift.tt/wZbtxWH
Cyberark
The (Not so) Secret War on Discord
CyberArk Malware Research Team Abstract CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware...
ShmooCon 2023 Conference Videos
https://ift.tt/DXd71Up
Submitted April 13, 2023 at 08:03PM by mubix
via reddit https://ift.tt/NJj06Hr
https://ift.tt/DXd71Up
Submitted April 13, 2023 at 08:03PM by mubix
via reddit https://ift.tt/NJj06Hr
Internet Archive
Shmoocon 2023 : ShmooCon : Free Download, Borrow, and Streaming : Internet Archive
ShmooCon 2023by Shmoo Group, various presentersThe videos in this collection are from ShmooCon 2023, which occurred on 20 - 22 January 2023, at the Washington...
Finding Something New About CVE-2022-1388 (F5 BIG-IP)
https://ift.tt/FZ4EgIj
Submitted April 13, 2023 at 08:35PM by chicksdigthelongrun
via reddit https://ift.tt/psj3Jox
https://ift.tt/FZ4EgIj
Submitted April 13, 2023 at 08:35PM by chicksdigthelongrun
via reddit https://ift.tt/psj3Jox
Finding Something New About CVE-2022-1388 - Blog - VulnCheck
In search of an interesting new detail about CVE-2022-1388, VulnCheck researchers pore over open source intelligence. The researchers detail exploit variants, find signature bypasses, and publish a novel exploit variant.
Vare - New specific info stealer for Discord & Infiltrating the fledgling crime group that created it.
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:21PM by jat0369
via reddit https://ift.tt/7URfXLQ
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:21PM by jat0369
via reddit https://ift.tt/7URfXLQ
Cyberark
The (Not so) Secret War on Discord
CyberArk Malware Research Team Abstract CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware...
Escalating file write into RCE in Python
https://ift.tt/DqvMkXR
Submitted April 14, 2023 at 01:55PM by albinowax
via reddit https://ift.tt/TE4Avnx
https://ift.tt/DqvMkXR
Submitted April 14, 2023 at 01:55PM by albinowax
via reddit https://ift.tt/TE4Avnx
Fraud Friday: Investigation into a fake university scam
https://ift.tt/WgJDAVe
Submitted April 14, 2023 at 06:19PM by Seaerkin2
via reddit https://ift.tt/JhkGVem
https://ift.tt/WgJDAVe
Submitted April 14, 2023 at 06:19PM by Seaerkin2
via reddit https://ift.tt/JhkGVem
Guardyourdomain
DomainGuard | Threat Visibility Platform
We guard your domain, so you have peace of mind. Threat Visibility Platform.
Manage (and soon deploy) Android machines with pre-defined behaviors for CyberRange environments.
https://ift.tt/umKbqOx
Submitted April 14, 2023 at 07:53PM by deleee
via reddit https://ift.tt/GY6Dgyx
https://ift.tt/umKbqOx
Submitted April 14, 2023 at 07:53PM by deleee
via reddit https://ift.tt/GY6Dgyx
GitHub
GitHub - cybersecsi/robodroid: Manage (and soon deploy) Android machines with pre-defined behaviors for Cyber Range environments.
Manage (and soon deploy) Android machines with pre-defined behaviors for Cyber Range environments. - GitHub - cybersecsi/robodroid: Manage (and soon deploy) Android machines with pre-defined behavi...
uni-due-syssec/efcf-framework: Extremely Fast smart Contract Fuzzing
https://ift.tt/C23GDrn
Submitted April 15, 2023 at 12:15AM by Gallus
via reddit https://ift.tt/o3YA1DJ
https://ift.tt/C23GDrn
Submitted April 15, 2023 at 12:15AM by Gallus
via reddit https://ift.tt/o3YA1DJ
GitHub
GitHub - uni-due-syssec/efcf-framework: EF/CF - Extremely Fast smart Contract Fuzzing
EF/CF - Extremely Fast smart Contract Fuzzing . Contribute to uni-due-syssec/efcf-framework development by creating an account on GitHub.