We’ve previously reported on a Nokoyawa ransomware case in which the initial access was via an Excel macro and IcedID malware. This case, which also ended in Nokoyawa Ransomware, involved the…

A new attack exploits the novel Openfire vulnerability (CVE-2023-32315) to deploy Kinsing malware and crypto miners to gain full control over the server.

As a researcher I often run into situations in which I need to make a compiled binary do things that it wouldn’t normally do or change the way it works in some way. Of course, if one…

Vulnerability intelligence that predicts avenues of attack with speed and accuracy.

I’ve often been in the situation of explaining lateral movement to people who do not work in the offensive security field on a daily basis or have a different level of technical understanding…

Greetings, folks! Today, we’re thrilled to introduce you to our latest tool: Session Hijacking Visual Exploitation, or SHVE. This open-source tool, now available on our GitHub, offers a novel way to hijack a victim’s browser sessions, utilizing them as a…

Leverage eBPF to secure internet-facing APIs: FastAPI, BlackSheep, Flask, Django, aiohttp, Tornado, and more.

Summary A vulnerability in Windows’s File History Service allows local users to gain elevated privileges on the Windows operating system. Credit An independent security researcher working with SSD Secure Disclosure, the vulnerability was one of the winners…

Attackers have quite a few sneaky ways to gather information from your WordPress website. They can get their hands on details like the WordPress version you're using, the active plugins and their versions, and even info about your active users. In this article…

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server - ni...

Discovery and walkthrough of CVE-2023-38633 in librsvg, when two URL parser implementations (Rust and Glib) disagree on file scheme parsing leading to path traversal.

Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized attackers to gain admin…

Indian Android users are under threat from DogeRAT, a malicious software that illicitly accesses critical data, including banking information, contacts, and

BugProve uncovers seven pre-authentication remote code execution flaws and 26 post-authentication code execution vectors in Zavio IP cameras. Despite repeated warnings, Zavio remained unresponsive, necessitating intervention from CISA.

Nagios-compatible systems are some of the most widely used infrastructure monitoring solutions. They use “plugins” to monitor server performance, with “Nagios Core” interpreting results. However, there’s a potentially significant security issue with Nagios…

nothing interesting