New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/new-rilide-stealer-version-targets-banking-data-and-works-around-google-chrome-manifest-v3/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/new-rilide-stealer-version-targets-banking-data-and-works-around-google-chrome-manifest-v3/
Trustwave
New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3
Trustwave SpiderLabs discovered a new version of the Rilide Stealer extension targeting Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera. This malware uses a creative way to work around the Chrome Extension Manifest V3 from…
Encrypted_Channel_Red_Team_MITRE_T1573.pdf
1.5 MB
Encrypted Channel for Red Teamers (MITRE:T1573)
CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability
https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/
https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/
Horizon3.ai
CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability
CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If you are a user of PaperCut on Windows, and…
A_Practical_Deep_Learning_Based_Acoustic_Side_Channel_Attack_on.pdf
12.8 MB
A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards
Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
autobloody:
https://github.com/CravateRouge/autobloody
autobloody:
https://github.com/CravateRouge/autobloody
GitHub
GitHub - CravateRouge/autobloody: Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound - CravateRouge/autobloody
16 September in Almaty (KZ) we will starting 5-th yearly Open SysConf’23 🐴 conference in the Kolesa Team office space.
I happy present it🎉
— https://news.1rj.ru/str/sysadm_in_channel/4776
I happy present it
— https://news.1rj.ru/str/sysadm_in_channel/4776
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Sys-Admin InfoSec
🚀 Open SysConf'23 Открыта регистрация на 16 Сентября
Помимо регистрации, предварительно обозначены keywords/тематики конференции:
— eBPF "сниффинг"
— "Старт" в Kubernetes
— RHCSA "путь сертификации"
— "кто есть" Software Analyst
— Тестинг "нагрузочный"…
Помимо регистрации, предварительно обозначены keywords/тематики конференции:
— eBPF "сниффинг"
— "Старт" в Kubernetes
— RHCSA "путь сертификации"
— "кто есть" Software Analyst
— Тестинг "нагрузочный"…
Microsoft AI Red Team building future of safer AI
https://www.microsoft.com/en-us/security/blog/2023/08/07/microsoft-ai-red-team-building-future-of-safer-ai/
https://www.microsoft.com/en-us/security/blog/2023/08/07/microsoft-ai-red-team-building-future-of-safer-ai/
Microsoft News
Microsoft AI Red Team building future of safer AI
Best practices help teams hunt for failures in AI systems, define a defense-in-depth approach, & grow security postures as AI systems evolve.
MOBILE_SECURITY_INTERVIEW_QUESTIONS_ANSWERS.pdf
231.8 KB
Mobile Security Interview Q/A
What is OpenBullet? And How Do Cybercriminals Use OpenBullet for Credential Stuffing?
https://www.kasada.io/openbullet/how-cybercriminals-use-openbullet/
https://www.kasada.io/openbullet/how-cybercriminals-use-openbullet/
Kasada
What is OpenBullet? And How Do Cybercriminals Use OpenBullet for Credential Stuffing? - Kasada
OpenBullet is used among penetration testers and web application security professionals but also by malicious actors for credential stuffing.
Free Hardware Probe from Globalping project
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables
🔹 https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf
Please open Telegram to view this post
VIEW IN TELEGRAM
Knocking on Hell's Gate - EDR Evasion Through Direct Syscalls
🔹 https://labs.en1gma.co/malwaredevelopment/evasion/security/2023/08/14/syscalls.html
Please open Telegram to view this post
VIEW IN TELEGRAM
CFP-комитет OFFZONE 2023 завершил отбор
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/