Blog - Github PoC Exploits Data Analysis "Prediction" for the year 2024
https://ift.tt/sFR6Guw
Submitted February 09, 2024 at 02:07PM by gfekkas
via reddit https://ift.tt/7g0z5CZ
PRIOn - AI Driven Vulnerability Analysis & Prioritization
Blog - Deep dive into GitHub Proof of Concept (PoC) Exploits Data and a "Prediction" for the year 2024 - PRIOn
In this blog we delve into a timeseries analysis by trying to answer various questions related to GitHub exploit PoC repositories. A future prediction was made.
JSON Smuggling: A far-fetched intrusion detection evasion technique
https://ift.tt/WFtLq0h
Submitted February 09, 2024 at 03:46PM by Robbedoes_
via reddit https://ift.tt/jB0kMdH
Medium
JSON Smuggling: A far-fetched intrusion detection evasion technique
TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…
I Know What Your Password Was Last Summer...
https://ift.tt/Wnzoctx
Submitted February 10, 2024 at 12:16AM by ZephrX112
via reddit https://ift.tt/SmC9bqP
Lares Labs
I Know What Your Password Was Last Summer...
We have spent the last six months researching on the previous two years of prior cracked passwords and built some tools to understand password creation strategies better. Here are the results.
How is the NVD being used by security analysts? Are there any problems with the NVD? Help us in an academic survey!
https://ift.tt/VKTdiye
Submitted February 08, 2024 at 10:41PM by faui1-study
via reddit https://ift.tt/NQ2Ebav
www.cs1.tf.fau.de
Survey on usage of NVD › IT Security Infrastructures Lab
The lab is conducting a research study to investigate the usage and possible issues of the NVD (National Vulnerability Database). If you ...
Practical WPA2 Security Assessment of Wireless Routers
https://ift.tt/tNhZzPS
Submitted February 10, 2024 at 09:15PM by wirelessbits
via reddit https://ift.tt/UO3uV8m
Medium
Practical WPA2 Security Assessment of Wireless Routers
<1 sec was all it took to guess the default WPA2 passphrase of a common wireless router
appsec.guide just got a new chapter on fuzzing!
https://ift.tt/4uZKrmJ
Submitted February 11, 2024 at 03:27PM by maxammann
via reddit https://ift.tt/cfoFKpX
The Trail of Bits Blog
Master fuzzing with our new Testing Handbook chapter
Our latest addition to the Trail of Bits Testing Handbook is a comprehensive guide to fuzzing: an essential, effective, low-effort method to find bugs in software that involves repeatedly running a program with random inputs to cause unexpected results. At…
A Beginner's Guide to Tracking Malware Infrastructure
https://ift.tt/alEAqgJ
Submitted February 11, 2024 at 06:34PM by Embeere
via reddit https://ift.tt/FNcx6Se
Censys
A Beginner's Guide to Tracking Malware Infrastructure
Troy Hunt: How Spoutible’s Leaky API Spurted out a Deluge of Personal Data
https://ift.tt/3XuqQ5x
Submitted February 11, 2024 at 06:08PM by campuscodi
via reddit https://ift.tt/kcuTEFv
Troy Hunt
How Spoutible’s Leaky API Spurted out a Deluge of Personal Data
Ever hear one of those stories where as it unravels, you lean in ever closer and mutter “No way! No way! NO WAY!” This one, as far as infosec stories go, had me leaning and muttering like never before. Here goes:
NidhoggScript is a tool to generate "noscript" file that allows execution of multiple commands and creating playbooks for Nidhogg (https://ift.tt/J0coP6H)
https://ift.tt/6PqWIn2
Submitted February 11, 2024 at 08:24PM by Idov31
via reddit https://ift.tt/cWofKhv
GitHub
GitHub - Idov31/Nidhogg: Nidhogg is an all-in-one simple to use windows kernel rootkit.
Nidhogg is an all-in-one simple to use windows kernel rootkit. - Idov31/Nidhogg
Breach Analysis: APT29’s Attack on Microsoft - Password Spray & OAuth abuse.
https://ift.tt/wmP5cu3
Submitted February 12, 2024 at 09:09AM by jat0369
via reddit https://ift.tt/yLr7Vm6
Cyberark
APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints
A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely...
ChatGPT Account Takeover via Wildcard Web Cache Deception
https://ift.tt/OMo1ULd
Submitted February 12, 2024 at 01:51PM by albinowax
via reddit https://ift.tt/C0d8m19
SQLMap Cheat Sheet - Commands & Examples
https://ift.tt/VZb3hG0
Submitted February 12, 2024 at 03:13PM by HighOnCoffee
via reddit https://ift.tt/4tZkdrF
highon.coffee
SQLMap Cheat Sheet - Commands & Examples Tutorial
SQLMap cheat sheet - Learn SQLMap with this Tutorial containing Flags, & SQLMap Command Examples.
Used AI to summarize each week's new security alerts and advisories
https://cyberowl.org/
Submitted February 12, 2024 at 03:52PM by karimhabush
via reddit https://ift.tt/nLlmQ4x
cyberowl.org
Cyberowl | CyberOwl
Stay informed on the latest cyber threats - a one-stop destination for all the latest alerts and updates from multiple sources.
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths
https://ift.tt/71sEoUV
Submitted February 12, 2024 at 03:40PM by lormayna
via reddit https://ift.tt/At27FLq
Mandiant
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths | Mandiant
Running BOFs with 'bof-launcher' library
https://ift.tt/WATUZrP
Submitted February 12, 2024 at 08:24PM by mzet-
via reddit https://ift.tt/JQDKrFO
Release 3.0.0.0 | OpalOPC
https://ift.tt/zaYc0RG
Submitted February 12, 2024 at 11:26PM by Salmiakkilakritsi
via reddit https://ift.tt/nKaYsNk
Opalopc
Release 3.0.0.0 | OpalOPC
Overview: Evidence Collection of Ivanti Connected Secure Appliances
https://ift.tt/mqziLB9
Submitted February 13, 2024 at 03:29PM by OwnPreparation3424
via reddit https://ift.tt/Bf69bd1
Medium
Overview: Evidence Collection of Ivanti Connected Secure Appliances
This article summarizes methods that can be used to gather forensic evidence from Ivanti appliances.
Unpack RedLine stealer using dnSpyEx - Part 3 - Securityinbits
https://ift.tt/o5PqdT1
Submitted February 13, 2024 at 04:09PM by securityinbits
via reddit https://ift.tt/9GRx6ku
Securityinbits
Unpack RedLine stealer using dnSpyEx - Part 3 - Securityinbits
Dive into unpacking and extracting config from RedLine Stealer using dnSpyEx. This is the 3rd part in our RedLine malware series.
Security Review Of Okta's TOP-10 Security Posture Features to prevent the next breach
https://ift.tt/VU3b8FY
Submitted February 13, 2024 at 10:01PM by Or1rez
via reddit https://ift.tt/0Fl2QyO
Rezonate - Protect Identities, Everywhere
Top 10 Features to Enhance Your Okta Security Posture - Rezonate
We break down 10 key security configurations and features to ensure robust authentication and identity management within your Okta instance to help prevent future attacks.
Google chronicle - query by subnet
https://ift.tt/mpo8KYg
Submitted February 13, 2024 at 11:49PM by BurkeSooty
via reddit https://ift.tt/JZx7GnB
Azure Devops Zero-Click CI/CD Vulnerability
https://ift.tt/H7lsgKy
Submitted February 14, 2024 at 03:35AM by roy_6472
via reddit https://ift.tt/1uBUZh7
Legitsecurity
Azure Devops Zero-Click CI/CD Vulnerability
The Legit Security research team has found and reported a zero-click attack that allowed attackers to submit malicious code and access secrets.