Security reports: efficient and straightforward. The simplest way to detect and fix vulnerabilities

Packages published on npm can declare pre and post-install hooks, which are noscripts that run, well, pre or post-install. That is to say, when the npm CLI installs a package, it also runs those noscripts on your machine.
It runs them silently, in the ba...

Advisory ID: usd-2022-0034 | Product: Microsoft Windows | Vulnerability Type: Improper Link Resolution Before File Access (CWE-59)

Introduction While analyzing CVE-2022-41082, also known as ProxyNotShell, we discovered this vulnerability which we have detailed in this blog. However, for a comprehensive understanding, we highly recommend reading the thorough analysis written by team ZDI.…

A PingPull malware variant for Linux has been found. We’re also tracking a new backdoor attributed to Alloy Taurus called Sword2033.

Commodity threat actors have recently begun to exploit cloud environments for smishing campaigns, employing techniques strikingly similar to those used in SES enumeration and abuse.

Different forms of DNS rebinding attacks have been described as far back as 1996 for Java Applets and 2002 for JavaScript (Quick-Swap). It has been four years since our State of DNS Rebinding prese…

siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site. - GitHub - dwisiswant0/siml: siml is a CLI tool for discovering similar, related to, com...

Automated noscript to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite. - Anof-cyber/Androset

Elastic Security Labs is naming a new malware family, LOBSHOT. LOBSHOT propagates and infiltrates targeted networks through Google Ads and hVNC sessions to deploy backdoors masquerading as legitimate application installers.

Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. - GitHub - assetnote/ghostbuster: Eliminate dangling elastic IPs by performing analysis on your...

PowerShell noscript to help Incident Responders discover potential adversary persistence mechanisms. - GitHub - joeavanzato/Trawler: PowerShell noscript to help Incident Responders discover potential a...

This article discusses a vulnerability in Azure DevOps, and some of the impacts of a compromised pipeline and deployment runner. Variables and parameters used in Azure DevOps pipelines can be used to inject shell commands that run on the Azure DevOps runner.…

The digital war of tomorrow pitches generative AI against digital ID

The recent 3CX data breach highlights that organizations can't afford to overlook the risks presented by software supply chain attacks.

As AI / Machine Learning (ML) systems now support millions of daily users, has our understanding of the relevant security risks kept pace with this wild rate of adoption?

Application security issues found by Assetnote

AhnLab Security Emergency response Center (ASEC) has recently discovered XMRig CoinMiner being installed on poorly managed Linux SSH servers. The attacks have been happening with a distinct pattern since 2022: they involve the usage of malware developed with…

This blog was co-authored by Elia Florio, Sr. Director of Detection & Response at Databricks and Florian Roth and Marius Bartholdy, security researchers with SEC Consult.