ScamClub, a notorious threat actor, has shifted its focus towards video malvertising assaults, resulting in a surge in VAST forced redirect volumes since February 11, 2024. According to GeoEdge security research, upwards of a dozen SSPs and DSPs have fallen…

Exploiting and Mitigating Speculative Race Conditions GhostRace: CVE-2024-2193 Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free.…

Discover SnoopGod, the open-source security-oriented OS based on Ubuntu. With 800+ pre-installed tools, it

Donex, A new ransomware gang on the scene with a capable Windows based encryptor.

In January we launched new functionality for Attic to detect AiTM attacks targeting the Microsoft 365 tenant of customers. Using the platform of didsomeoneclone.me and custom CSS in the Microsoft l…

Claroty Team82 has built a virtual factory environment in order to help cybersecurity defenders visualize dependencies between components on a factory floor, and also threat model in an industrial setting.

If you have ever looked at the source code of a Ruby deserialization gadget chain, I bet you've thought "what sorcery is this"?

In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result,...

Here it is - everything you need to know about using Entra ID's Conditional Access policies to boost your identity security posture.

FortiWLM Deep Dive and Indicators of Compromise. This blog details the discovery of many critical security issues such as RCE, SQLi, and file reads leading to full device compromise. CVE-2023-34993, CVE-2023-34991, CVE-2023-42783, CVE-2023-34989.

Read this blog on the anatomy of an ALPHA SPIDER ransomware attack to better understand how they operate and how to better protect your business.

Salt Labs researchers identified vulnerabilities in the ChatGPT ecosystem that could have granted access to accounts of users and sensitive data.

Attacking face recognition, lock bumping and physical security design issue




Disclaimer
This Security Advisory is provided on an "as is" basis and do not imply any kind of guarantee or warranty. Your use of the information in this publication or linked…

Granting "Write" access in an Open Source repo is a high-stakes decision. We discuss risks of insider threats, using a responsible disclosure for the AWS Karpenter project. Strict safeguards are essential, especially for release artifacts. Also GitHub lacks…

Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited…

Features added:
* Error reporting
* Stealth windows noscripts mode
* Stealth injection mode
* PYC dumper runtime
* Added deobfuscator for development tools obfuscator
* Fixed some bugs
* Added installer

This blog post is intended to further practice with MITRE data as well as understand some OT attack techniques implemented by OT malware. For this we are going to look at Pipedream (researched by D…