Financially motivated threat actor Octo Tempest's evolving campaigns represent growing concern for organizations across multiple industries.

Cisco IOS XE CVE-2023-20198 technical deep-dive, WebUI internals, patch diffing, and exploit theory crafting.

Disengaging Loader Lock to do anything directly from DLLMain...

Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations.  We decided to focus on the F5 BIG-IP suite…

Adversaries can steal credentials, cookies and other private data from browsers using various techniques. We cover how you can simulate Credential Stealing From Browser s and detect it with your security tools. Sigma Rules Inside.

a simple discovery noscript that uses popular tools like subfinder, amass, puredns, alterx, massdns and others - foozzi/discoshell

Ragnar Locker remains out of reach of the security software.

toolkit for python reverse engineering. Contribute to Fadi002/de4py development by creating an account on GitHub.

CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by attacker to steal secret credentials from the cluster. Read all about it!

While poking around Parallels Desktop I found a noscript which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not…

Uncover the steps to hack WiFi passwords using Hashcat. This guide provides a comprehensive walkthrough, from dictionary attacks to brute-force attack

Latest: 4/02/24 version: 0.9.9 First published 10/26/23. Shiny new things Inverting DNN models with a framework A threat intelligence update to the ML Pipeline Attacks on Ray Updates to repeated tok…

One interesting thing about the contrast between infrastructure and security is the expectation of open-source software. When a common problem arises we all experience, a company will launch a product to solve this problem. In infrastructure, typically the…

Personal blog of Julien (jvoisin) Voisin

At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.

NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report on a NetSupport RAT intrus…