Misleading behavior within Intel’s technology allows a local attacker to compromise and take control of work laptops.

Introduction Information stealer malware are used on a daily basis by cyber-criminals. They are often designed to extract saved password stored within browsers, instant messaging applications, FTP clients and many more. Key-logger mechanism may also be embedded…

On December 27th 2017 I presented at the 34th Chaos Communication Congress (34C3) a talk on the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main kernel exploit, noscriptd "iOS kernel exploitation…

There are many things told about zone transfers and why it is important to restrict the use of zone transfers. The DNS zone can contain sensitive information like DKIM keys or information about the…

2 points and 1 comments so far on reddit

The 2018 Medical Device Security 101 Conference, hosted by the University of Michigan’s Archimedes Center for Medical Device Security, is a 2.5-day educational workshop for healthcare providers, medical device manufacturers, and industry regulators to learn…

1 points and 0 comments so far on reddit

Extra security on a platform as big as Skype is always welcome.

Features of Cyber Security Training in Amsterdam 2018:
-Choose from 7 hands-on cyber security courses;
-Prepare for: GSEC, GCIH, GXPN and GCFE Certification;
-Take SANS Training in a classroom-like environment and under the supervision of a SANS Instructor;…

IntroductionSometimes personnel may take cybersecurity requirements too lightly, leading to dramatic consequences for the organizations they work for.In the recent WannaCry ransomware

This week's tools, tips and tricks episode is a tip on gathering guidelines on building a cybersecurity program. The Federal Communication Commission has a website for Cybersecurity planning. There you can download great beginning resources, especially if…

Looking at the smallest x64 shellcodes (section Linux / Intel x86-64) in shell-storm’s website, we find the following: Linux/x86-64 – reboot(POWER_OFF) – 19 bytes by zbt Linux/x86…

Finnish cybersecurity specialist F-Secure has reported another serious flaw in Intel hardware. It has nothing to do with the Spectre and Meltdown vulnerabilities, but has a huge "destructive potential" too.

👨🏻‍💻 Introduction & Background: This is a write-up of how I chained two vulnerabilities (an XSS and a CORS misconfiguration) that allowed me to steal contacts from a victim’s contact book. ...

Understanding the recent check on 'vtable' and a possible bypass technique

1 points and 0 comments so far on reddit

7 points and 0 comments so far on reddit

With all the hub-bub about Meltdown and Spectre, AMD CPUs are widely regarded as being perfectly safe. Well AMD chips may be safer, but they're not invulnerable.

Time, like love, is a universal subject in songs. Time is also a universal theme when discussing vulns; it’s a key component of risk…