siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site. - GitHub - dwisiswant0/siml: siml is a CLI tool for discovering similar, related to, com...

Automated noscript to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite. - Anof-cyber/Androset

Elastic Security Labs is naming a new malware family, LOBSHOT. LOBSHOT propagates and infiltrates targeted networks through Google Ads and hVNC sessions to deploy backdoors masquerading as legitimate application installers.

Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. - GitHub - assetnote/ghostbuster: Eliminate dangling elastic IPs by performing analysis on your...

PowerShell noscript to help Incident Responders discover potential adversary persistence mechanisms. - GitHub - joeavanzato/Trawler: PowerShell noscript to help Incident Responders discover potential a...

This article discusses a vulnerability in Azure DevOps, and some of the impacts of a compromised pipeline and deployment runner. Variables and parameters used in Azure DevOps pipelines can be used to inject shell commands that run on the Azure DevOps runner.…

The digital war of tomorrow pitches generative AI against digital ID

The recent 3CX data breach highlights that organizations can't afford to overlook the risks presented by software supply chain attacks.

As AI / Machine Learning (ML) systems now support millions of daily users, has our understanding of the relevant security risks kept pace with this wild rate of adoption?

Application security issues found by Assetnote

AhnLab Security Emergency response Center (ASEC) has recently discovered XMRig CoinMiner being installed on poorly managed Linux SSH servers. The attacks have been happening with a distinct pattern since 2022: they involve the usage of malware developed with…

This blog was co-authored by Elia Florio, Sr. Director of Detection & Response at Databricks and Florian Roth and Marius Bartholdy, security researchers with SEC Consult.

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. - GitHub - Syslifters/sysreptor: Fully customisable, offensiv...

AWS Identity Center is one way of managing access to AWS Accounts. With AWS Identity Center (previously SSO), there exists multiple pathways to privilege escalation. In this blog post, we cover Identity Center, research into the inner workings of cloud…

JSON Web Tokens (JWT) are widely used for authentication in modern applications. As their use increases, so does the importance of…

In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they…

RecordBreaker is a new Infostealer that appeared in 2022 and is known as the new version of Raccoon Stealer. Similar to other Infostealers, such as CryptBot, RedLine, and Vidar, it is a major malware type that usually disguises itself as a software crack…

Lately, I’ve been reverse engineering a reasonably complex network protocol, and I ran into a mystery - while the protocol is generally an unencrypted binary protocol, one of the messages was large and random. In an otherwise unencrypted protocol, why is…

The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.

Security scanning orchestration and results enrichment framework -- forked and rewritten from @thought-machine/dracon - GitHub - ocurity/dracon: Security scanning orchestration and results enrichme...