In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this vulnerability can be exploited even when Memory Tagging Extension…

Configuring USBGuard without explicitly specifying vendor and product IDs allows an attacker to bypass some USB authorisation policies on Linux.

Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).

In January we launched new functionality for Attic to detect AiTM attacks targeting the Microsoft 365 tenant of customers. Using the platform of didsomeoneclone.me and custom...

Geofeeds allow ISPs to publish information on the physical location of their networks. But what if a rogue ISP puts false information in…

Discover how to effectively onboard MFA for Office 365 users with MSOLSpray, and unlock remote access with our expert guide.

Discover how to effectively onboard MFA for Office 365 users with MSOLSpray, and unlock remote access with our expert guide.

CVE-2024-1212 is an unauthenticated command injection found in Progress Kemp LoadMaster load balancer's administrator web interface by Rhino Security Labs.

Zac Davis hosts War Stories, a podcast featuring stories from real life penetration testers. Zac covers their background, favorite tools, and stories that define their career.

Sponsored by Cyber Coffee. Real hackers need real caffeine.
www.sevnx.com/shop

Overview Ransomware is here to stay and cyber security professionals need to be trained to prevent, detect, respond, and recover from ransomeware attacks. So, how do we do that in an ethical and re…

AI Powered Terminal Based Ethical Hacking Assistant - berylliumsec/neutron

Laying out why we think 'Canary Infra' is a game changer for honeypots and intrusion detection.

A new malicious privilege escalation technique can be disastrous. In this post, get context and defensive measures against this threat.

Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks.

One line command and control backdoors for APIs and web applications. - Geeoon/asploit

Generates the tree of the directory listing page. Contribute to riza/indextree development by creating an account on GitHub.

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Deep-Dive and Indicators of Compromise. This blog details the SQL injection which allows an unauthenticated attacker to access the FortiClient EMS server as SYSTEM to execute arbitrary commands.

Posted by netsec_burn - 15 votes and 0 comments