How it is possible to locate smartphones using Advertising ID without spyware or exploit
https://ift.tt/9aGQ17E
Submitted October 25, 2024 at 01:27PM by barakadua131
via reddit https://ift.tt/WacuZgB
https://ift.tt/9aGQ17E
Submitted October 25, 2024 at 01:27PM by barakadua131
via reddit https://ift.tt/WacuZgB
Mobile Hacker
Locate smartphones using Advertising ID without spyware or exploit
I explain how it is possible to locate Google and Apple smartphones legally by misusing device unique Advertising ID and stream of data collected by advertising plugins. These plugins are part of thousands of popular and legitimate apps.
A vulnerability in the Common Log File System (CLFS) driver allows a local user to gain elevated privileges on Windows 11
https://ift.tt/va5ubMF
Submitted October 25, 2024 at 02:53PM by SSDisclosure
via reddit https://ift.tt/82SBT7w
https://ift.tt/va5ubMF
Submitted October 25, 2024 at 02:53PM by SSDisclosure
via reddit https://ift.tt/82SBT7w
SSD Secure Disclosure
SSD Advisory - Common Log File System (CLFS) driver PE - SSD Secure Disclosure
Summary A vulnerability in the Common Log File System (CLFS) driver allows a local user to gain elevated privileges on Windows 11. The vulnerability is in the CClfsBaseFilePersisted::WriteMetadataBlock function, and is due to return value of ClfsDecodeBlock…
Bench Press: Leaking Text Nodes with CSS
https://ift.tt/fH0lwYd
Submitted October 25, 2024 at 04:02PM by albinowax
via reddit https://ift.tt/R5iXeP2
https://ift.tt/fH0lwYd
Submitted October 25, 2024 at 04:02PM by albinowax
via reddit https://ift.tt/R5iXeP2
pspaul
Bench Press: Leaking Text Nodes with CSS
Some time ago, while reading up on new CSS features, I asked myself: Is it possible to leak the entire content of an HTML text node only using CSS? The answer is yes! Well, kinda. I found a technique
Multiple vulnerabilities in the Realtek card reader driver. Affects Dell, Lenovo, etc
https://ift.tt/QSu7eUX
Submitted October 26, 2024 at 03:30AM by zwclose
via reddit https://ift.tt/cifUAQI
https://ift.tt/QSu7eUX
Submitted October 26, 2024 at 03:30AM by zwclose
via reddit https://ift.tt/cifUAQI
ZwClose
Vulnerabilities of Realtek SD card reader driver, part 1
I discovered multiple vulnerabilities in RtsPer.sys, an SD card reader driver developed by Realtek. These vulnerabilities enable non-privileged users to leak the contents of kernel pool and kernel stack, write to arbitrary kernel memory, and, the most interesting…
LLM Security: Playing with ChatGPT code execution capability (Part 1).
https://ift.tt/Hs5iEl0
Submitted October 26, 2024 at 02:54AM by beyonderdabas
via reddit https://ift.tt/r0LZTlj
https://ift.tt/Hs5iEl0
Submitted October 26, 2024 at 02:54AM by beyonderdabas
via reddit https://ift.tt/r0LZTlj
Mohit Dabas's Blog
LLM Security: Playing with ChatGPT code execution capability (Part 1).
So we all know about the ChatGPT4 code execution capability. Now the question is can I execute a little bit offensive code like running netstat to see internal connections? I tried to run ‘ne…
CVE-2024-26926 Binder n-day analysis
https://ift.tt/pjTdZID
Submitted October 25, 2024 at 01:51AM by pwntheplanet
via reddit https://ift.tt/PzVnYSv
https://ift.tt/pjTdZID
Submitted October 25, 2024 at 01:51AM by pwntheplanet
via reddit https://ift.tt/PzVnYSv
GitHub
LinuxKernel-nday/CVE-2024-26926/CVE_2024_26926_Analysis.pdf at main · MaherAzzouzi/LinuxKernel-nday
Linux Kernel N-day Exploit/Analysis. Contribute to MaherAzzouzi/LinuxKernel-nday development by creating an account on GitHub.
Retrofitting encrypted firmware is a Bad Idea™
https://ift.tt/TLVFvIx
Submitted October 27, 2024 at 06:10PM by AlmondOffSec
via reddit https://ift.tt/DjAQ16x
https://ift.tt/TLVFvIx
Submitted October 27, 2024 at 06:10PM by AlmondOffSec
via reddit https://ift.tt/DjAQ16x
haxx.in
Retrofitting encrypted firmware is a Bad Idea™
Lexmark decided to frustrate vulnerability researchers last minute. Let’s have a look at their new root filesystem encryption.
Akamai and Kyndryl partner for Zero Trust Segmentation defence
https://ift.tt/KhzrYfG
Submitted October 27, 2024 at 07:23PM by vrebtimaj
via reddit https://ift.tt/QuF4ZJM
https://ift.tt/KhzrYfG
Submitted October 27, 2024 at 07:23PM by vrebtimaj
via reddit https://ift.tt/QuF4ZJM
CRN
Akamai and Kyndryl partner for Zero Trust Segmentation cyber defence
Using Akamai's Guardicore Segmentation platform.
Threats Spike Amid Rising Vulnerabilities
https://ift.tt/QYMPLxn
Submitted October 27, 2024 at 07:04PM by vrebtimaj
via reddit https://ift.tt/DXBiWsd
https://ift.tt/QYMPLxn
Submitted October 27, 2024 at 07:04PM by vrebtimaj
via reddit https://ift.tt/DXBiWsd
The Pinnacle Gazette
Cybersecurity Threats Spike Amid Rising Vulnerabilities
The world of cybersecurity is as dynamic as it is perilous, with threats looming around every digital corner. The recent surge in cyber attacks has amplified concerns…
Scammers blackmail people using 'digital arrest'
https://ift.tt/KQ3HckE
Submitted October 27, 2024 at 11:37PM by towtoo893
via reddit https://ift.tt/P9b4c1X
https://ift.tt/KQ3HckE
Submitted October 27, 2024 at 11:37PM by towtoo893
via reddit https://ift.tt/P9b4c1X
Deccan Herald
Scammers blackmail people using 'digital arrest', online scams: Cyber advisory
The Computer Emergency Response Team of India (CERT-In) issued an advisory listing more than dozen ways how the online scams are being perpetrated by fraudsters in the country, including "digital arrest" to dupe people by stealing their money and private…
Tiktok hacking services
https://ift.tt/pjE8Mm5
Submitted October 28, 2024 at 01:19AM by Ok_Income1221
via reddit https://ift.tt/rW8ufp3
https://ift.tt/pjE8Mm5
Submitted October 28, 2024 at 01:19AM by Ok_Income1221
via reddit https://ift.tt/rW8ufp3
Linktree
@FARARMAHACK12 | Linktree
Clink on my like for quick response
Introducing zizmor: now you can have beautiful clean workflows
https://ift.tt/SP48Izg
Submitted October 28, 2024 at 06:40AM by yossarian_flew_away
via reddit https://ift.tt/hHkYCzD
https://ift.tt/SP48Izg
Submitted October 28, 2024 at 06:40AM by yossarian_flew_away
via reddit https://ift.tt/hHkYCzD
blog.yossarian.net
Introducing zizmor: now you can have beautiful clean workflows
Engineering WCF Hacks
https://ift.tt/qhPyvfm
Submitted October 28, 2024 at 12:44PM by buherator
via reddit https://ift.tt/d9zy0vg
https://ift.tt/qhPyvfm
Submitted October 28, 2024 at 12:44PM by buherator
via reddit https://ift.tt/d9zy0vg
Silent Signal Techblog
Engineering WCF Hacks
Because we can!
Give Me the Green Light Part 1: Hacking Traffic Control Systems
https://ift.tt/WCc5q1E
Submitted October 28, 2024 at 01:59PM by towtoo893
via reddit https://ift.tt/0J6OYaD
https://ift.tt/WCc5q1E
Submitted October 28, 2024 at 01:59PM by towtoo893
via reddit https://ift.tt/0J6OYaD
Red Threat
Give Me the Green Light Part 1: Hacking Traffic Control Systems — Red Threat
Adventures in Responsible Disclosure
Privilege escalation through TPM Sniffing when BitLocker PIN is enabled
https://ift.tt/SibzfBZ
Submitted October 28, 2024 at 05:38PM by dukeofmola
via reddit https://ift.tt/DaQvTzB
https://ift.tt/SibzfBZ
Submitted October 28, 2024 at 05:38PM by dukeofmola
via reddit https://ift.tt/DaQvTzB
Anatomy of an LLM RCE
https://ift.tt/gjl3rsd
Submitted October 28, 2024 at 07:40PM by jat0369
via reddit https://ift.tt/JLvUMsD
https://ift.tt/gjl3rsd
Submitted October 28, 2024 at 07:40PM by jat0369
via reddit https://ift.tt/JLvUMsD
Cyberark
Anatomy of an LLM RCE
As large language models (LLMs) become more advanced and are granted additional capabilities by developers, security risks increase dramatically. Manipulated LLMs are no longer just a risk of...
Global InfoSec Salary Data in the Public Domain 💰📊
https://ift.tt/i019S2j
Submitted October 29, 2024 at 12:26AM by infosec-jobs
via reddit https://ift.tt/jraPb5O
https://ift.tt/i019S2j
Submitted October 29, 2024 at 12:26AM by infosec-jobs
via reddit https://ift.tt/jraPb5O
isecjobs.com
The Global InfoSec / Cybersecurity Salary Index for 2025
An open database of salaries in the InfoSec / Cybersecurity space.
What Are My OPTIONS? CyberPanel v2.3.6 pre-auth RCE
https://ift.tt/vdouHV6
Submitted October 29, 2024 at 01:43PM by albinowax
via reddit https://ift.tt/esoUv6R
https://ift.tt/vdouHV6
Submitted October 29, 2024 at 01:43PM by albinowax
via reddit https://ift.tt/esoUv6R
Mastering Memory Exploitation: Fundamentals, Stack Overflows, Shellcode, Format String Bugs, and Heap Overflows
https://ift.tt/LHeEQpu
Submitted October 29, 2024 at 07:05PM by tapmylap
via reddit https://ift.tt/uW82gfI
https://ift.tt/LHeEQpu
Submitted October 29, 2024 at 07:05PM by tapmylap
via reddit https://ift.tt/uW82gfI
Medium
Mastering Memory Exploitation: Fundamentals, Stack Overflows, Shellcode, Format String Bugs, and Heap Overflows
In the world of cybersecurity, exploiting vulnerabilities is a technical art form that combines deep knowledge of systems with a practical…
Cracking into a Just Eat / Takeaway.com terminal with an NFC card
https://ift.tt/LtwRU9s
Submitted October 30, 2024 at 04:45AM by Titokhan
via reddit https://ift.tt/8b7Ce0O
https://ift.tt/LtwRU9s
Submitted October 30, 2024 at 04:45AM by Titokhan
via reddit https://ift.tt/8b7Ce0O
MGD Blog
Cracking into a Just Eat / Takeaway.com terminal with an NFC card
So this is a pretty interesting one, i found this one on a local marketplace for 25 dollars, so i immediately snagged it up.
After it booted up, it showed an activation screen. Looks like the previous owner has logged out.
We can't do much from this screen…
After it booted up, it showed an activation screen. Looks like the previous owner has logged out.
We can't do much from this screen…
Using AFL++ on bug bounty programs: an example with Gnome libsoup
https://ift.tt/wpufMYJ
Submitted October 30, 2024 at 06:25PM by AlmondOffSec
via reddit https://ift.tt/zicA4HQ
https://ift.tt/wpufMYJ
Submitted October 30, 2024 at 06:25PM by AlmondOffSec
via reddit https://ift.tt/zicA4HQ