Windows Defender has improved significantly the security posture of Windows environments since it has better detection capabilities compare to other security products. When a process is created Win…

On Patch Tuesday, January 12, 2021, Microsoft released a patch for CVE-2021-1678, an important vulnerability discovered by CrowdStrike researchers.

Details on an ongoing campaign, which we attribute to a government-backed entity based in North Korea, targeting security researchers working on vulnerability research and development.

Facebook AI introduces a neural-based decompiler framework called N-Bref, which improves traditional decompilation systems’ performance accuracy. The research led by Jishen Zhao is a collaboration between FAIR and UCSD STABLE Lab. This study presents a comprehensive…

The Story of a Novel Supply Chain Attack

Contribute to ModernPwner/cicuta_virosa development by creating an account on GitHub.

Apple G13 GPU architecture docs and tools. Contribute to dougallj/applegpu development by creating an account on GitHub.

Library, learning resources, downloads, support, and community. Evaluate and find out how to install, deploy, and maintain Windows with Sysinternals utilities.

Since the PoC for the VMware vCenter RCE (CVE-2021-21972) is now readily available, we’re publishing our article covering all of the technical details. In fall of 2020, I discovered couple vulnerabilities in the vSphere Client component of VMware vCenter.…

Share your videos with friends, family, and the world

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock - GitHub - liamg/traitor: :arrow_up: :fire: ...

Posted by James Forshaw, Project Zero In December Microsoft fixed 4 issues in Windows in the Cloud Filter and Windows Overlay Filter (WOF) d...

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which…

Earlier this month, I came back around to seriously considering an attempt at bitsquatting. While the prior link goes into great depth on the topic, I will attempt to give a very high level overview here: