PSIRT | FortiGuard Labs - CVE-2024-55591 Exploited in the wild - Report Provides IoC
https://ift.tt/jdFniQ8
Submitted January 15, 2025 at 02:55PM by stan_frbd
via reddit https://ift.tt/YSk2oXP
FortiGuard Labs
PSIRT | FortiGuard Labs
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11
https://ift.tt/hlYF0zZ
Submitted January 15, 2025 at 02:35PM by 0xdea
via reddit https://ift.tt/NPgFHyl
hn security
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 - hn security
In the last part of this […]
An independent security researcher collaborating with SSD Secure Disclosure has identified a critical RCE vulnerability in Palo Alto Expedition.
https://ift.tt/njgNIMZ
Submitted January 15, 2025 at 04:50PM by SSDisclosure
via reddit https://ift.tt/FuC6xKq
SSD Secure Disclosure
SSD Advisory - Palo Alto Expedition RCE (regionsDiscovery) - SSD Secure Disclosure
Summary A vulnerability in Palo Alto Expedition allows remote attackers who can reach the web interface to execute arbitrary code. Credit An independent security researcher working with SSD Secure Disclosure. Vendor Response Palo Alto has released the following…
Heap Exploitation Training
https://ift.tt/S4Y1hWA
Submitted January 14, 2025 at 08:52PM by mdulin2
via reddit https://ift.tt/7wrPiWc
GitHub
GitHub - SecurityInnovation/glibc_heap_exploitation_training: The resources for glibc Malloc heap exploitation course by Maxwell…
The resources for glibc Malloc heap exploitation course by Maxwell Dulin and Security Innovation. - SecurityInnovation/glibc_heap_exploitation_training
baitroute: A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers
https://ift.tt/OiLmDTa
Submitted January 14, 2025 at 08:57PM by utku1337
via reddit https://ift.tt/astDA05
GitHub
GitHub - utkusen/baitroute: A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers
A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers - utkusen/baitroute
EvilKnievelnoVNC: scalable and semi-automated MFA-Phishing via "browser-in-the-middle"
https://ift.tt/b5EUYJV
Submitted January 13, 2025 at 09:30PM by vollbit
via reddit https://ift.tt/VgjOs3z
GitHub
GitHub - ms101/EvilKnievelnoVNC: Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing
Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing - ms101/EvilKnievelnoVNC
2024 CVEs in Review – Vulnerability Blog
https://ift.tt/1TQ28vS
Submitted January 15, 2025 at 09:14PM by vulnerabilityblog
via reddit https://ift.tt/A1JgsOT
Vulnerability Blog
2024 CVEs in Review
Now that 2024 has come to its conclusion, I’ve decided to kick off a post outlining some observations, trends, and insights for the CVEs published. As always more information is available in …
Essential BBOT Commands for Recon
https://ift.tt/0n4iy8s
Submitted January 16, 2025 at 02:33AM by AdInfinite1760
via reddit https://ift.tt/AP65GQy
Gcollazo
Essential BBOT Commands for Recon
Karmada Security Audit - Shielder
https://ift.tt/rvxsELa
Submitted January 16, 2025 at 09:38PM by smaury
via reddit https://ift.tt/Ddj6EPa
Shielder
Shielder - Karmada Security Audit
Karmada Security Audit, sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers
https://ift.tt/IV0U8Y9
Submitted January 16, 2025 at 10:29PM by utku1337
via reddit https://ift.tt/Qs8TcKD
Utku Sen’s Substack
How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers
BaitRoute is a web honeypot project that serves realistic, vulnerable-looking endpoints to detect vulnerability scans and mislead attackers by providing false positive results.
PoC for CVE-2025-0282 published (Ivanti Connect Secure stack bof)
https://ift.tt/VWJ3F49
Submitted January 16, 2025 at 10:23PM by Acceptable_Exit_9695
via reddit https://ift.tt/tIGxZEB
AttackerKB
CVE-2025-0282 | AttackerKB
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gatewa…
Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468)
https://ift.tt/KjruZdC
Submitted January 16, 2025 at 11:59PM by AlmondOffSec
via reddit https://ift.tt/eSZLkhR
Synacktiv
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections
The Role of Emulators in OT Research
https://ift.tt/ekGw84y
Submitted January 17, 2025 at 12:56AM by derp6996
via reddit https://ift.tt/1Q8WSmx
A publicly available OpenCTI connector for IoC analysis FOSS tool
https://ift.tt/qOPuInz
Submitted January 17, 2025 at 02:04AM by stan_frbd
via reddit https://ift.tt/Mrlm5jU
Finding SSRFs in Azure DevOps
https://ift.tt/TMr8OJD
Submitted January 17, 2025 at 02:23PM by cbagdude
via reddit https://ift.tt/hHa3CuW
Binary Security AS
Finding SSRFs in Azure DevOps
Binary Security found three SSRF vulnerabilities in Azure DevOps that we reported to Microsoft. This blog post outlines the way we identified these vulnerabilities, and demonstrates exploitation techniques using DNS rebinding and CRLF injection.
Bypassing disk encryption on systems with automatic TPM2 unlock
https://ift.tt/DTzFu1B
Submitted January 17, 2025 at 02:13PM by moviuro
via reddit https://ift.tt/xXlEiAw
oddlama.org
Bypassing disk encryption on systems with automatic TPM2 unlock | oddlama's blog
oddlama's personal web page and blog
Windows BitLocker -- Screwed without a Screwdriver
https://ift.tt/UByKj0n
Submitted January 19, 2025 at 11:38PM by Titokhan
via reddit https://ift.tt/XQAPz1p
neodyme.io
Windows BitLocker -- Screwed without a Screwdriver
Breaking up-to-date Windows 11 BitLocker encryption -- on-device but software-only
Let’s talk about AI and end-to-end encryption
https://ift.tt/q56N1VH
Submitted January 20, 2025 at 09:45AM by feross
via reddit https://ift.tt/k0uNOMQ
A Few Thoughts on Cryptographic Engineering
Let’s talk about AI and end-to-end encryption
Recently I came across a fantastic new paper by a group of NYU and Cornell researchers entitled “How to think about end-to-end encryption and AI.” I’m extremely grateful to see th…
Tear Down The Castle - Part 1 | dfir.ch
https://ift.tt/rBWaOsM
Submitted January 20, 2025 at 06:09PM by Capable_General_7219
via reddit https://ift.tt/uROLNI4
dfir.ch
Tear Down The Castle - Part 1 | dfir.ch
Technical blog by Stephan Berger (@malmoeb)
Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users
https://ift.tt/x1T3L46
Submitted January 20, 2025 at 09:04PM by anuraggawande
via reddit https://ift.tt/oyrmb6O
Malware Analysis, Phishing, and Email Scams
Fake SBI Reward APK Targets Victims with Trojan via WhatsApp
Cybercriminals continue to exploit unsuspecting users through cleverly crafted phishing campaigns. Recently, I encountered a forwarded message in a WhatsApp group that immediately raised suspicion.…
The cost of false positives - how we became a target
https://ift.tt/xPY1LOS
Submitted January 20, 2025 at 09:32PM by unknownhad
via reddit https://ift.tt/ZVEMDBj
cside
The cost of false positives - how we became a target
This week, we identified an intriguing use case involving the WP3[.]XYZ attack (link to our blog post). It sparked interest across the community and led to better detection rates on platforms like VirusTotal (VirusTotal link).
While most appreciated our…