This class teaches RISC-V assembly language. It requires you know C programming.

Our work shows that it is possible to trigger Rowhammer bit flips on DDR4 devices on AMD Zen 2 and Zen 3 systems despite deployed TRR mitigations. This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases…

All-in-one AI automation platform (workflows, agents, cases, tables) for security and IT teams. - TracecatHQ/tracecat

As explained in Federico‘s latest article, […]

Can anyone control AI?

The Oligo research team discovered a live crypto miner campaign targeting a vulnerability in Ray, a widely used open-source AI framework.

BlueDucky solves the problem of auto device discovery, locally stores found Bluetooth devices and utilized Rubber Ducky noscripts that are injected from separated

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9...

Infinite loops between servers can lead to performance degradation or network overload. In this blog, we'll take a look at how we prevented cross-service UDP loops in QUIC and share some general conclusions.

Brex has released Substation v1.0, the next evolution of our cloud-native, event-driven data pipeline toolkit. Read on for a retrospective.

Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team

A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets…

Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.

GitHub Gist: instantly share code, notes, and snippets.

The AI-powered capabilities in Security Advisor will help streamline the process for ThreatDown administrators to access crucial information.

WallEscape vulnerability in util-linux. Contribute to skyler-ferrante/CVE-2024-28085 development by creating an account on GitHub.

Cybersecurity experts are warning that zero-day exploits, which can be used to compromise devices before anyone is aware they’re vulnerable, have become more common as nation-state hackers and cybercriminals find sophisticated ways to carry out their attacks.

By Oleg Zaytsev (Guardio Labs)