Overview  Recently, five CVEs have been discovered in Ivanti Connect Secure, a software product designed to offer secure remote access to corporate resources and applications. This product is...

Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server Request (A…

I will delve into using Android smartphone while charging from computer to perform automated DNS poisoning attack without any user interaction. I go through its results, downsides and effective prevention tips.

Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies - naksyn/Embedder

TL;DR The main browsers share their cache between Fetch requests and normal navigation.

Spoofing desktop login applications with WinForms and WPF - mlcsec/FormThief

With indictments and arrests.

Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.

Organizations who invest in detection engineering have an edge towards identification of threats. However, there is no industry standard to define the framework around the development of detection …

RansomHouse technical malware analysis and yara rules

Phylum continues to discover malware polluting open-source ecosystems. In this blog post, we take a deep-dive into an npm package trying to masquerade as code profiler which actually installs several malicious noscripts including a cryptocurrency and credential…

VulnCheck uncovers the truth behind the recently published Zyxel pre-auth remote code execution: limited to specific configurations, limitations on repeated exploitation, and no evidence of active exploitation.

Today we’re unveiling a novel way to identify canarytokens.org canaries completely statically without setting them off. Thinkst offers self hosted, and paid alternatives that are protected from these techniques. We’re open sourcing this capability and including…

Optum Solutions's Status Page - Update: Some applications are experiencing connectivity issues. Hover or tap here for updates..

Exploit ConnectWise ScreenConnect (bypass authentication) - jhonnybonny/auth_bypass_connectwise_screenconnect

Recently, we have observed an increase in TeaBot banking trojan infections across several European countries, now even infiltrating the Google Play Store. Read the technical analysis to know all his functionalities and how to prevent it.

In previous blogs, we’ve discussed some of the big players in the enterprise software space, but there is one that we have not mentioned before, that is - quite frankly - the heavy-weight champion of the world in terms of applications for large enterprises.…

Look inside the popular hash function and learn what makes it work so well.

A Golang library for interacting with the EPSS (Exploit Prediction Scoring System). - KaanSK/go-epss