CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability
https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/
https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/
Horizon3.ai
CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability
CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If you are a user of PaperCut on Windows, and…
A_Practical_Deep_Learning_Based_Acoustic_Side_Channel_Attack_on.pdf
12.8 MB
A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards
Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
autobloody:
https://github.com/CravateRouge/autobloody
autobloody:
https://github.com/CravateRouge/autobloody
GitHub
GitHub - CravateRouge/autobloody: Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound - CravateRouge/autobloody
16 September in Almaty (KZ) we will starting 5-th yearly Open SysConf’23 🐴 conference in the Kolesa Team office space.
I happy present it🎉
— https://news.1rj.ru/str/sysadm_in_channel/4776
I happy present it
— https://news.1rj.ru/str/sysadm_in_channel/4776
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Sys-Admin InfoSec
🚀 Open SysConf'23 Открыта регистрация на 16 Сентября
Помимо регистрации, предварительно обозначены keywords/тематики конференции:
— eBPF "сниффинг"
— "Старт" в Kubernetes
— RHCSA "путь сертификации"
— "кто есть" Software Analyst
— Тестинг "нагрузочный"…
Помимо регистрации, предварительно обозначены keywords/тематики конференции:
— eBPF "сниффинг"
— "Старт" в Kubernetes
— RHCSA "путь сертификации"
— "кто есть" Software Analyst
— Тестинг "нагрузочный"…
Microsoft AI Red Team building future of safer AI
https://www.microsoft.com/en-us/security/blog/2023/08/07/microsoft-ai-red-team-building-future-of-safer-ai/
https://www.microsoft.com/en-us/security/blog/2023/08/07/microsoft-ai-red-team-building-future-of-safer-ai/
Microsoft News
Microsoft AI Red Team building future of safer AI
Best practices help teams hunt for failures in AI systems, define a defense-in-depth approach, & grow security postures as AI systems evolve.
MOBILE_SECURITY_INTERVIEW_QUESTIONS_ANSWERS.pdf
231.8 KB
Mobile Security Interview Q/A
What is OpenBullet? And How Do Cybercriminals Use OpenBullet for Credential Stuffing?
https://www.kasada.io/openbullet/how-cybercriminals-use-openbullet/
https://www.kasada.io/openbullet/how-cybercriminals-use-openbullet/
Kasada
What is OpenBullet? And How Do Cybercriminals Use OpenBullet for Credential Stuffing? - Kasada
OpenBullet is used among penetration testers and web application security professionals but also by malicious actors for credential stuffing.
Free Hardware Probe from Globalping project
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables
🔹 https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf
Please open Telegram to view this post
VIEW IN TELEGRAM
Knocking on Hell's Gate - EDR Evasion Through Direct Syscalls
🔹 https://labs.en1gma.co/malwaredevelopment/evasion/security/2023/08/14/syscalls.html
Please open Telegram to view this post
VIEW IN TELEGRAM
CFP-комитет OFFZONE 2023 завершил отбор
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/
Awareness about Awareness. Part 2
Several years ago I spoke on KHS 2018 about of Awareness with presentation named - Awareness about Awareness…
Now I see - classical awarenes model working not adequately… On KHS 2023 we will try to consider why it is so, what to do about it…
On this conference will many cooll speakers, cybersec/infosec subjects, people. Will meet on KHS 20223! ✊
Details on official KHS site:
🔹 . https://kazhackstan.com
Several years ago I spoke on KHS 2018 about of Awareness with presentation named - Awareness about Awareness…
Now I see - classical awarenes model working not adequately… On KHS 2023 we will try to consider why it is so, what to do about it…
On this conference will many cooll speakers, cybersec/infosec subjects, people. Will meet on KHS 20223! ✊
Details on official KHS site:
Please open Telegram to view this post
VIEW IN TELEGRAM
ProxyNation: The dark nexus between proxy apps and malware
https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
LevelBlue
ProxyNation: Malware-Driven Proxy Surge
LevelBlue Labs uncovers a vast malware campaign delivering hidden proxies. Explore the threat landscape