TensorFlow Python Code Injection: More eval() Woes https://jfrog.com/blog/tensorflow-python-code-injection-more-eval-woes/
JFrog
TensorFlow Python Code Injection: More eval() Woes
Background JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with TensorFlow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE…
Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes https://sysdig.com/blog/muhstik-malware-botnet-analysis/
Sysdig
Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes | Sysdig
How to detect the Muhstik Botnet attacking a Kubernetes Pod to control the Pod and mine cryptocurrency and DDoS.
When renting a hitman online goes horribly wrong https://blog.malwarebytes.com/privacy-2/2021/11/when-renting-a-hitman-online-goes-horribly-wrong/
Malwarebytes Labs
When renting a hitman online goes horribly wrong
We look at the long history of a site which claims to offer hitman services to the masses - with an inevitable twist in the tail.
Introduction to Dharma - Part 1 https://blog.haboob.sa/blog/introduction-to-dharma-part-1
Haboob
Introduction to Dharma - Part 1 — Haboob
While targeting Adobe Acrobat JavaScript APIs, we were not only focusing on performance and the number of cases generated per second, but also on effective generation of valid inputs that cover different functionalities and uncover new vulnerabilities. Obtaining…
Windows Security Updates for Hackers https://bitsadm.in/blog/windows-security-updates-for-hackers
Debugging a weird 'file not found' error https://jvns.ca/blog/2021/11/17/debugging-a-weird--file-not-found--error/
Julia Evans
Debugging a weird 'file not found' error
A tool for profiling heap usage and memory management https://github.com/zznop/vizzy
GitHub
GitHub - zznop/vizzy: Tool for profiling heap usage and memory management
Tool for profiling heap usage and memory management - zznop/vizzy
The Art of PerSwaysion: Investigation of a Long-Lived Phishing Kit https://www.seclarity.io/resources/blog/the-art-of-perswaysion-phishing-kit/
www.seclarity.io
Blog - The Art of PerSwaysion: Investigation of a Long-Lived Phishing Kit
Instant. Actionable. Insights.
[Conti] Ransomware Group In-Depth Analysis https://www.prodaft.com/resource/detail/conti-ransomware-group-depth-analysis
PRODAFT
PRODAFT – Cyber Threat Intelligence and Risk Intelligence
Explore advanced cybersecurity solutions, providing proactive defense against emerging threats. Learn more about our tailored intelligence, and cybercrime investigation solutions.
Abusing Google Drive's Email File Functionality https://mrd0x.com/abusing-google-drives-email-file-functionality/
Mrd0X
Security Research | mr.d0x
Providing security research and red team techniques
Nice summary of router security vulnerabilities » https://modemly.com/m1/pulse
Modemly
Router Bugs and Security Vulnerabilities
Router Bugs, Hacks, Security Vulnerabilities and remediation checklists
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could lead to code execution https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-user-after-free.html
Cisco Talos Blog
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome.
Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser…
Skrull: run malware on the victim using the Process Ghosting technique https://securityonline.info/skrull-run-malware-on-the-victim-using-the-process-ghosting-technique/
Cybersecurity News
Skrull: run malware on the victim using the Process Ghosting technique
Skrull is a malware DRM. It generates launchers that can run malware on the victim using the Process Ghosting technique
The Complete Guide to Understanding Apple Mac Security for Enterprise https://www.sentinelone.com/blog/the-complete-guide-to-understanding-apple-mac-security-for-enterprise-read-the-free-ebook/
SentinelOne
The Complete Guide to Understanding Apple Mac Security for Enterprise | Read the Free Ebook
Learn how to secure macOS devices in the enterprise with this in-depth review of the strengths and weaknesses of Apple's security technologies.
Advanced threat predictions for 2022 https://securelist.com/advanced-threat-predictions-for-2022/104870/
Securelist
Advanced threat predictions for 2022
Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year.
Unlocking the Vault :: Unauthenticated Remote Code Execution against CommVault Command Center https://srcincite.io/blog/2021/11/22/unlocking-the-vault.html
New ransomware actor uses password-protected archives to bypass encryption protection https://news.sophos.com/en-us/2021/11/18/new-ransomware-actor-uses-password-protected-archives-to-bypass-encryption-protection/
Sophos News
New ransomware actor uses password-protected archives to bypass encryption protection
Calling themselves “Memento team”, actors use Python-based ransomware that they reconfigured after setbacks.
Multiple Concrete CMS vulnerabilities (part1 – RCE) https://www.fortbridge.co.uk/research/multiple-vulnerabilities-in-concrete-cms-part1-rce/
Cyber Security Services - London
Multiple Concrete CMS vulnerabilities ( part1 - RCE )
Multiple vulnerabilities in concrete cms. A race condition in the file upload which resulted in RCE in Concrete CMS
All Roads Lead to OpenVPN: Pwning Industrial Remote Access Clients https://claroty.com/2021/11/19/blog-research-all-roads-lead-to-openvpn-pwning-industrial-remote-access-clients/
Claroty
All Roads Lead to OpenVPN: Pwning Industrial Remote Access Clients
Claroty's researchers discovered a new attack concept to target VPNs. Learn more.
Kernel Karnage – Part 3 (Challenge Accepted) https://blog.nviso.eu/2021/11/16/kernel-karnage-part-3-challenge-accepted/
NVISO Labs
Kernel Karnage – Part 3 (Challenge Accepted)
While I was cruising along, taking in the views of the kernel landscape, I received a challenge … 1. Player 2 has entered the game The past weeks I mostly experimented with existing tooling and got…