3AM Ransomware: A Modern Threat with a Vintage Twist
https://ift.tt/9dwYho2
Submitted September 29, 2023 at 07:16PM by ziyahanalbeniz
via reddit https://ift.tt/doTtnXM
SOCRadar® Cyber Intelligence Inc.
3AM Ransomware: A Modern Threat with a Vintage Twist - SOCRadar® Cyber Intelligence Inc.
The 3AM ransomware group has recently been spotlighted for its cybercriminal activities. However, why it is the topic of the day is their choice of
Fireblocks OSS MPC Lib
https://ift.tt/u3lPCHZ
Submitted September 29, 2023 at 06:49PM by kruksym
via reddit https://ift.tt/IzXHQb0
GitHub
GitHub - fireblocks/mpc-lib
Contribute to fireblocks/mpc-lib development by creating an account on GitHub.
You Can't Control Your Data in the Cloud
https://ift.tt/4T2eMRG
Submitted September 30, 2023 at 02:51AM by osantacruz
via reddit https://ift.tt/8Es0JYG
karl-voit.at
You Can't Control Your Data in the Cloud
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
https://ift.tt/uzOivmr
Submitted October 01, 2023 at 01:32PM by shulginlegacy
via reddit https://ift.tt/wN3Fs6K
Welivesecurity
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
ESET researchers uncover a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, including a publicly undocumented backdoor we named LightlessCan.
Past week in brief - BlackTech's Cisco Router Intrusion, Google's libvpx Zero-Day, GPUzip Data Leak, Russia's $20M Zero-Day Bounty, and Malware in Bing Chat
https://ift.tt/lQHLwnY
Submitted October 01, 2023 at 10:47PM by mandos_io
via reddit https://ift.tt/mG7rMWz
SocVel Quiz 1 October 2023
https://ift.tt/XZNomqA
Submitted October 02, 2023 at 03:49AM by jaco_za
via reddit https://ift.tt/TpFjbPL
Six 0day exploits were filed against Exim by ZDI, including several RCE. After days of silence, Exim has filed this public detail
https://ift.tt/5BaGigf
Submitted October 02, 2023 at 03:40AM by 1esproc
via reddit https://ift.tt/NkX5n4O
The Marvin Attack
https://ift.tt/fbNeC85
Submitted October 02, 2023 at 03:22PM by Xaneris47
via reddit https://ift.tt/dsnbGva
Redhat
The Marvin Attack
The Marvin Attack is a return of a timing variant of a 25-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.
r-tec Blog | .NET Assembly Obfuscation for Memory Scanner Evasion
https://ift.tt/qAgtF8W
Submitted October 02, 2023 at 04:15PM by S3cur3Th1sSh1t
via reddit https://ift.tt/m2DwLjH
www.r-tec.net
.NET Assembly Obfuscation for Memory Scanner Evasion
This blog post will give a short overview of how in-memory .NET assembly execution commonly works and what detection mechanisms exist.
cloudgrep: cloudgrep is grep for cloud storage
https://ift.tt/S0pbaFZ
Submitted October 02, 2023 at 06:41PM by 0x636f6f6c
via reddit https://ift.tt/NUVWtzl
GitHub
GitHub - cado-security/cloudgrep: cloudgrep is grep for cloud storage
cloudgrep is grep for cloud storage. Contribute to cado-security/cloudgrep development by creating an account on GitHub.
Decrypting the Shadows: Revealing the Secrets of Ransomware Operators - An Interview with @htmalgae
https://ift.tt/uAGCzme
Submitted October 02, 2023 at 07:44PM by ziyahanalbeniz
via reddit https://ift.tt/3UtRr1H
SOCRadar® Cyber Intelligence Inc.
Decrypting the Shadows: Revealing the Secrets of Ransomware Operators - An Interview with @htmalgae - SOCRadar® Cyber Intelligence…
Meet @htmalgae, an anonymous security researcher with a wealth of experience in web application development. In the digital realm, htmalgae operates under
Microsoft Defender flags Tor Browser as a Trojan and removes it from the system
https://ift.tt/Hwzpqik
Submitted October 02, 2023 at 08:07PM by nareksays
via reddit https://ift.tt/dpR2UIb
root with a single command: sudo logrotate
https://ift.tt/67L1quM
Submitted October 03, 2023 at 04:16PM by MegaManSec2
via reddit https://ift.tt/XJ3EGfu
Joshua.Hu
root with a single command: sudo logrotate
The scenario is this: a brand new Ubuntu 22.04 server has an account which is restricted to running sudo logrotate *. Can we get root? Short answer: Yes. I couldn’t find much online about this type of exploitation of logrotate, so let’s document something…
Exploiting Edge Routers Acting as IoT Gateways
https://ift.tt/JyKzPgV
Submitted October 03, 2023 at 06:43PM by derp6996
via reddit https://ift.tt/5md3l19
Claroty
The Path to the Cloud is Filled with Holes: Exploiting 4G Edge Routers
Retired Server called Home — A server decommissioning failure
https://ift.tt/YzbfrcU
Submitted October 03, 2023 at 06:36PM by oherrala
via reddit https://ift.tt/Nb9Tkgn
Medium
Retired Device called Home
We were told a story which piqued our curiosity. Our customer’s security team started to get a flood of Beacon alerts from one of their…
Cloudflare Protection Bypass Vulnerability on Threat Actors' Radar
https://ift.tt/ErIafvZ
Submitted October 03, 2023 at 06:25PM by ziyahanalbeniz
via reddit https://ift.tt/lMI3ZjV
SOCRadar® Cyber Intelligence Inc.
Cloudflare Protection Bypass Vulnerability on Threat Actors' Radar
Cloudflare, a leading cybersecurity provider, faces a security challenge due to vulnerabilities that could put its customer environments...
Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs
https://ift.tt/1SXZIDE
Submitted October 03, 2023 at 09:05PM by guedou
via reddit https://ift.tt/t4wKfki
Quarkslab
Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
https://ift.tt/RlQMsvr
Submitted October 03, 2023 at 10:35PM by SCI_Rusher
via reddit https://ift.tt/H4aFPKU
Microsoft Security Blog
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement | Microsoft Security Blog
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s…
[QubesOS] Disarm BusKill Dead Man Switch with Keyboard Shortcut (Guide)
https://ift.tt/7BrenmR
Submitted October 03, 2023 at 09:51PM by maltfield
via reddit https://ift.tt/EImobu9
BusKill
Disarm BusKill in QubesOS - BusKill
Keyboard shortcuts in QubesOS to arm & disarm (pause) the BusKill laptop kill cord -- so you can go to the bathroom without your laptop self-destruct triggering
PETEP: Open source tool for Penetration Testing of non-HTTP protocols (TCP, UDP) through graphical UI or code, also supports using Burp/Zaproxy by wrapping the binary traffic into HTTP.
https://ift.tt/1a0jg95
Submitted October 03, 2023 at 11:40PM by vutmajk
via reddit https://ift.tt/gXHqSOt
GitHub
GitHub - Warxim/petep: PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification…
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of ap...
Remote Code Execution In PyTorch Model Server TorchServe
https://ift.tt/vsFRSd8
Submitted October 04, 2023 at 12:42AM by BigBother59
via reddit https://ift.tt/peXQ0oq
GitHub
GHSA-4mqg-h5jf-j9m7 - GitHub Advisory Database
TorchServe Pre-Auth Remote Code Execution