Hi! We're recruiting for a US Remote, Full-Time, Principal Security Researcher to join our client's Security Research team to work on O-day research. Requirements: Java web application exploitation experience at a senior level (7 plus years in security). More info and comp in link below.
https://ift.tt/XwYGCtU
Submitted April 13, 2023 at 04:25AM by dawnsaenz
via reddit https://ift.tt/mwHciWK
https://ift.tt/XwYGCtU
Submitted April 13, 2023 at 04:25AM by dawnsaenz
via reddit https://ift.tt/mwHciWK
Attackers can now plant "prompt injections" in a website the user is visiting, which silently turns Bing Chat into a Social Engineer who seeks out and exfiltrates personal information
https://ift.tt/5plHFvI
Submitted April 13, 2023 at 11:26AM by aknalid
via reddit https://ift.tt/1EUOud8
https://ift.tt/5plHFvI
Submitted April 13, 2023 at 11:26AM by aknalid
via reddit https://ift.tt/1EUOud8
Leaking Remote Memory Contents on SecurePoint’s UTM Firewall (CVE-2023-22897)
https://ift.tt/PAdY32t
Submitted April 13, 2023 at 12:30PM by albinowax
via reddit https://ift.tt/Em1INdK
https://ift.tt/PAdY32t
Submitted April 13, 2023 at 12:30PM by albinowax
via reddit https://ift.tt/Em1INdK
WhatsApp adds key transparency for all users to strengthen the security of end-to-end encrypted messaging
https://ift.tt/1EU5jfp
Submitted April 13, 2023 at 06:35PM by snowboardfreak63
via reddit https://ift.tt/Z5WVOLI
https://ift.tt/1EU5jfp
Submitted April 13, 2023 at 06:35PM by snowboardfreak63
via reddit https://ift.tt/Z5WVOLI
Engineering at Meta
Deploying key transparency at WhatsApp
With key transparency, WhatsApp provides a set of proofs that affirms the correctness of public encryption keys.
Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor
https://ift.tt/z5HwXqn
Submitted April 13, 2023 at 05:25PM by montouesto
via reddit https://ift.tt/lGUyLTO
https://ift.tt/z5HwXqn
Submitted April 13, 2023 at 05:25PM by montouesto
via reddit https://ift.tt/lGUyLTO
Fortinet Blog
Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor | FortiGuard Labs
FortiGuard Labs highlights the technical details of a multi-staged cyberattack used in the Russian-Ukrainian conflict, as well as some strange artifacts that could be work-in-progress or part of a …
Vare - New specific info stealer for Discord & iniltrating the fledgling crime group that created it.
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:15PM by CyberArkLabs
via reddit https://ift.tt/wZbtxWH
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:15PM by CyberArkLabs
via reddit https://ift.tt/wZbtxWH
Cyberark
The (Not so) Secret War on Discord
CyberArk Malware Research Team Abstract CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware...
ShmooCon 2023 Conference Videos
https://ift.tt/DXd71Up
Submitted April 13, 2023 at 08:03PM by mubix
via reddit https://ift.tt/NJj06Hr
https://ift.tt/DXd71Up
Submitted April 13, 2023 at 08:03PM by mubix
via reddit https://ift.tt/NJj06Hr
Internet Archive
Shmoocon 2023 : ShmooCon : Free Download, Borrow, and Streaming : Internet Archive
ShmooCon 2023by Shmoo Group, various presentersThe videos in this collection are from ShmooCon 2023, which occurred on 20 - 22 January 2023, at the Washington...
Finding Something New About CVE-2022-1388 (F5 BIG-IP)
https://ift.tt/FZ4EgIj
Submitted April 13, 2023 at 08:35PM by chicksdigthelongrun
via reddit https://ift.tt/psj3Jox
https://ift.tt/FZ4EgIj
Submitted April 13, 2023 at 08:35PM by chicksdigthelongrun
via reddit https://ift.tt/psj3Jox
Finding Something New About CVE-2022-1388 - Blog - VulnCheck
In search of an interesting new detail about CVE-2022-1388, VulnCheck researchers pore over open source intelligence. The researchers detail exploit variants, find signature bypasses, and publish a novel exploit variant.
Vare - New specific info stealer for Discord & Infiltrating the fledgling crime group that created it.
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:21PM by jat0369
via reddit https://ift.tt/7URfXLQ
https://ift.tt/IUAHGZo
Submitted April 13, 2023 at 08:21PM by jat0369
via reddit https://ift.tt/7URfXLQ
Cyberark
The (Not so) Secret War on Discord
CyberArk Malware Research Team Abstract CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware...
Escalating file write into RCE in Python
https://ift.tt/DqvMkXR
Submitted April 14, 2023 at 01:55PM by albinowax
via reddit https://ift.tt/TE4Avnx
https://ift.tt/DqvMkXR
Submitted April 14, 2023 at 01:55PM by albinowax
via reddit https://ift.tt/TE4Avnx
Fraud Friday: Investigation into a fake university scam
https://ift.tt/WgJDAVe
Submitted April 14, 2023 at 06:19PM by Seaerkin2
via reddit https://ift.tt/JhkGVem
https://ift.tt/WgJDAVe
Submitted April 14, 2023 at 06:19PM by Seaerkin2
via reddit https://ift.tt/JhkGVem
Guardyourdomain
DomainGuard | Threat Visibility Platform
We guard your domain, so you have peace of mind. Threat Visibility Platform.
Manage (and soon deploy) Android machines with pre-defined behaviors for CyberRange environments.
https://ift.tt/umKbqOx
Submitted April 14, 2023 at 07:53PM by deleee
via reddit https://ift.tt/GY6Dgyx
https://ift.tt/umKbqOx
Submitted April 14, 2023 at 07:53PM by deleee
via reddit https://ift.tt/GY6Dgyx
GitHub
GitHub - cybersecsi/robodroid: Manage (and soon deploy) Android machines with pre-defined behaviors for Cyber Range environments.
Manage (and soon deploy) Android machines with pre-defined behaviors for Cyber Range environments. - GitHub - cybersecsi/robodroid: Manage (and soon deploy) Android machines with pre-defined behavi...
uni-due-syssec/efcf-framework: Extremely Fast smart Contract Fuzzing
https://ift.tt/C23GDrn
Submitted April 15, 2023 at 12:15AM by Gallus
via reddit https://ift.tt/o3YA1DJ
https://ift.tt/C23GDrn
Submitted April 15, 2023 at 12:15AM by Gallus
via reddit https://ift.tt/o3YA1DJ
GitHub
GitHub - uni-due-syssec/efcf-framework: EF/CF - Extremely Fast smart Contract Fuzzing
EF/CF - Extremely Fast smart Contract Fuzzing . Contribute to uni-due-syssec/efcf-framework development by creating an account on GitHub.
Lost in ChatGPT's memories: escaping ChatGPT-3.5 memory issues to write CVE PoCs
https://ift.tt/ZSnyWti
Submitted April 15, 2023 at 03:14AM by NoPaleontologist7419
via reddit https://ift.tt/wH0BI45
https://ift.tt/ZSnyWti
Submitted April 15, 2023 at 03:14AM by NoPaleontologist7419
via reddit https://ift.tt/wH0BI45
Lambda driver blog
Lost in ChatGPT’s memories: escaping ChatGPT-3.5 memory issues to write CVE PoCs
In the last blog (link), we described how ChatGPT can be used to better understand a codebase and assist us during the making of a PoC for a CVE. ChatGPT didn’t find the vulnerability nor wrote the PoC, but as an assistant gave us hints about the project’s…
Remote Code Execution Vulnerability in Google They Are Not Willing To Fix
https://ift.tt/E48Blzw
Submitted April 15, 2023 at 12:29PM by Hydroksiid
via reddit https://ift.tt/SofsUiW
https://ift.tt/E48Blzw
Submitted April 15, 2023 at 12:29PM by Hydroksiid
via reddit https://ift.tt/SofsUiW
10 Methods to Bypass Windows Defender for Unrestricted Code Execution
https://ift.tt/WNGABxC
Submitted April 15, 2023 at 09:17PM by florilsk
via reddit https://ift.tt/lj4NG52
https://ift.tt/WNGABxC
Submitted April 15, 2023 at 09:17PM by florilsk
via reddit https://ift.tt/lj4NG52
Vulnerability scanner for AWS customer-managed policies using ChatGPT w/ built-in account redaction.
https://ift.tt/XOlGmeN
Submitted April 16, 2023 at 08:33AM by ustayready
via reddit https://ift.tt/Hpq7evY
https://ift.tt/XOlGmeN
Submitted April 16, 2023 at 08:33AM by ustayready
via reddit https://ift.tt/Hpq7evY
GitHub
GitHub - ustayready/cloudgpt: Vulnerability scanner for AWS customer managed policies using ChatGPT
Vulnerability scanner for AWS customer managed policies using ChatGPT - GitHub - ustayready/cloudgpt: Vulnerability scanner for AWS customer managed policies using ChatGPT
WorLLMs
https://ift.tt/ATXaSCD
Submitted April 16, 2023 at 02:29PM by rain5
via reddit https://ift.tt/n3lu6Oo
https://ift.tt/ATXaSCD
Submitted April 16, 2023 at 02:29PM by rain5
via reddit https://ift.tt/n3lu6Oo
Gist
WorLLMs
WorLLMs. GitHub Gist: instantly share code, notes, and snippets.
Trigona Ransomware Attacking MS-SQL Servers
https://ift.tt/Xfd0jYz
Submitted April 17, 2023 at 01:28PM by montouesto
via reddit https://ift.tt/aPMwWoG
https://ift.tt/Xfd0jYz
Submitted April 17, 2023 at 01:28PM by montouesto
via reddit https://ift.tt/aPMwWoG
ASEC BLOG
Trigona Ransomware Attacking MS-SQL Servers - ASEC BLOG
AhnLab Security Emergency response Center (ASEC) has recently discovered the Trigona ransomware being installed on poorly managed MS-SQL servers. Trigona is a relatively recent ransomware that was first discovered in October 2022, and Unit 42 has recently…
GitHub - quarkslab/pastis: PASTIS: Collaborative Fuzzing Framework
https://ift.tt/t3eZ9Yv
Submitted April 17, 2023 at 02:47PM by jeandrew
via reddit https://ift.tt/JtKd2Wb
https://ift.tt/t3eZ9Yv
Submitted April 17, 2023 at 02:47PM by jeandrew
via reddit https://ift.tt/JtKd2Wb
GitHub
GitHub - quarkslab/pastis: PASTIS: Collaborative Fuzzing Framework
PASTIS: Collaborative Fuzzing Framework. Contribute to quarkslab/pastis development by creating an account on GitHub.
Weaponizing Discord DLL Hijacking via Excel Macros (POC)
https://ift.tt/xTWbk0Z
Submitted April 17, 2023 at 09:11PM by thehunter699
via reddit https://ift.tt/cFvmHYr
https://ift.tt/xTWbk0Z
Submitted April 17, 2023 at 09:11PM by thehunter699
via reddit https://ift.tt/cFvmHYr
GitHub
GitHub - MitchHS/Discord-DLL-Hijacking: This is a simple example of DLL hijacking enabling proxy execution.
This is a simple example of DLL hijacking enabling proxy execution. - GitHub - MitchHS/Discord-DLL-Hijacking: This is a simple example of DLL hijacking enabling proxy execution.