In this part, we'll continue the analysis of APT33's Dropshot using Cutter, a GUI for radare2. We'll learn how to decrypt Dropshot's payload and write a noscript to do it quickly.

I've spoken a couple of time recently about CT and it really is an awesome thing to have. We can now add one more wicked feature to our arsenal thanks to CT and Facebook, and that's the ability to easily detect phishing sites. Certificate Transparency I've…

tld_scanner - Scan all possible TLD's for a given domain name

Sometimes managers must deal with penetration test results that are not what they wanted to see. Raxis CTO, Brian Tant, talks about next steps.

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and related AWS security research.  This will cover findings in Privilege Escalation methods

Hacker news | China supposedly exfiltrated classified data pertaining to the US Navy projects after a successful cyber-attack on an unnamed Navy contractor caused the loss of 614 gigabytes of cryptographic information, sensor data

This research on "Deserialization vulnerabilities in various languages" uses examples of vulnerable implementations of the deserialization processes. In this post, we show the results of the research and the new approach of attacking deserialization in JS.

In software security, root cause analysis (RCA) is the process used to “remove the mystery” from irregular software execution and measure the security impact...

We at Forcepoint have recently touched on the topic of WebAssembly (also known as WA or Wasm). Part of this effort was discussed briefly in an earlier blog post on in-browser coin mining. Today we are going to talk more about the basics of Wasm, and discuss…

By developing custom C#-based assemblies, attackers no longer need to rely on the tools present on the target system; they can instead write and deliver their own tools using a technique we call Bring Your Own Land (BYOL).

sslmerge - Is an open source tool to help you build a valid SSL certificate chain from the root certificate to the end-user certificate. Also can help you fix the incomplete certificate chain and d...

7 votes and 0 so far on reddit

TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home…

It's been nearly two months since the high profile BGP hijack attack against MyEtherwallet, where crypto thieves used BGP leaks to hijack MEW's name servers, which were on Amazon's Route53, and inserted their own fake name servers which directed victims to…

ZeroFont attacks involve inserting hidden words with a font size of zero that are invisible to the recipient into a phishing email in order to fool Microsoft's impersonation scanning.

Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows) Vulnerability: Unauthenticated Privileged Directory Traversal CVE: CVE-2018-10956 Impact: Arbit…