Calling themselves “Memento team”, actors use Python-based ransomware that they reconfigured after setbacks.

Multiple vulnerabilities in concrete cms. A race condition in the file upload which resulted in RCE in Concrete CMS

Claroty's researchers discovered a new attack concept to target VPNs. Learn more.

While I was cruising along, taking in the views of the kernel landscape, I received a challenge … 1. Player 2 has entered the game The past weeks I mostly experimented with existing tooling and got…

Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell.

The vulnerability, found by NetSPI’s cloud pentesting practice director, Karl Fosaaen, affects any organization that uses Automation Account "Run as" accounts in Azure.

Introduction A core priority of the Windows Kernel team is to keep the operating system, applications, and users secure. Like many operating systems, Windows has a large codebase, a driver ecosystem, and a complex set of dependencies. Every day, many malicious…

Morphisec Labs encountered a new malware called Babadeda targeting cryptocurrency enthusiasts through Discord. We reveal how it can be stopped.

The Yamaha DX7 digital synthesizer was released in 1983 and became "one of the most important advances in the history of modern popular mu...

VMware officially released a risk notice for vCenter Server privilege escalation, the vulnerability number is CVE-2021-22048

Another poorly designed key derivation system

Exploiting a heap overflow in the TIPC subsystem of the Linux kernel. In this post we’ll exploit a N-day vulnerability (CVE-2021-43267) originally discovered by Max van Amerongen.

In this article I will present my research on insecure usage of $request_uri variable in Apache APISIX ingress controller. My work end up in submit of security vulnerability, which was positively confirmed and got CVE-2021-43557. At the end of article I will…

The phone spyware has new features that confer resistance to takedowns or manual removal

Executive Summary APT31 is long known to use Operational Relay Boxes (ORBs) and compromise routers.This report examines in detail their only publicly known router implant, dubbed “SoWaT&#8221…

ISA specifications describe the behaviour of a processor: the instructions,
memory protection, the privilege mechanisms, debug mechanisms, etc.
The traditional form of an ISA specification is as a paper document but,
as ISAs have grown, this has become unwieldy.…

Research By: Slava Makkaveev Introduction Taiwan’s MediaTek has been the global smartphone chip leader since Q3 2020. MediaTek Systems on a chip (SoCs) are embedded in approximately 37% of all smartphones and IoT devices in the world, including high-end phones…

In the run-up to Black Friday, Sansec discovered a sophisticated threat that is packed with never-seen stealth techniques. This malware, dubbed "CronRAT...