Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins - GitHub - Anof-cyber/MobSecco: Cloning apk for bypassing code tampering detection, Google Saf...

Cloning Cordova Mobile Apps to Bypass Security Implementations

RetDec plugin for LLDB. RetDec is a retargetable machine-code decompiler based on LLVM. - ant4g0nist/decompiler

Stellar Cyber and Mimecast have announced an integration designed to help organizations protect against email-based attacks.

Posted by _discEx_ - 0 votes and 3 comments

HardenedLinux community: harbian-audit v0.7.0 complianced for Debian GNU/Linux 12.

There are many reasons you may want to extract iOS applications; one in particular is reviewing security and privacy aspects with an analysis tool such as Ghidra. Unfortunately, unlike .apk files for Android, .ipa files cannot be side-loaded very easily;…

The threat of software supply chain attacks is accelerating, but CISA SBOM guidance efforts aren't matching its pace, according to industry experts.

SQL Injection (CVE-2023-35036)
In Progress MOVEit Transfer versions released before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), 2023.0.2 (15.0.2), multiple SQL injection vulnerabilities have been identified in the MOVEit…

Dominion Voting Systems is the famous voting machine vendor that’s been at the center of Trump’s 2020 election denial, used in such swing states as Georgia and Arizona. Fox News paid $700 million to settle a defamation lawsuit, over claims that Dominion machines…

tldr: Swing VPN is using its user base to DDOS sites using its users as a an attack botnet.
Introduction It all started with a friend of mine complaining that his phone was doing a request to a specific app every few seconds. Initial assumption was that the…

Block proposers speculatively execute transactions when creating blocks to maximize their profits. How can this go wrong? In “Speculative…

When you are a cyber security consultant, a pen tester or even a system operator with technical interest then you want to perform attacks…

Curated useful Open-Source projects, biweekly, no-hype. Click to read #OpenSourceDiscovery, by Pradeep Sharma, a Substack publication with hundreds of subscribers.

The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain.

Dieser Artikel ist auch auf deutsch erschienen

To celebrate Franco-German friendship, German Transport Minister Wissing and his French counterpart Beaune came up with something special:
30,000 free Interrail tickets per country for travel in Germany and…

Tools for offensive security of NetBackup infrastructures - airbus-seclab/nbutools

A phishing attack is a sneaky trick that bad people use to steal your important information. They do this by pretending to be someone you trust, like your