Reversing a Simple CrackMe with Ghidra Decompiler https://medium.com/@cy1337/reversing-a-simple-crackme-with-ghidra-decompiler-5dd1b1c3c0ba
Medium
Reversing a Simple CrackMe with Ghidra Decompiler
In this article, I will walk through a simple crackme challenge from the collection of sample files for A Guide to Reversing with Ghidra…
WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets https://github.com/redrays-io/WS_RaceCondition_PoC
GitHub
GitHub - redrays-io/WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets
Simple PoC for demonstrating Race Conditions on Websockets - redrays-io/WS_RaceCondition_PoC
Column-Level Encryption 101: What is It, implementation & Benefits https://www.piiano.com/blog/column-level-encryption
MCPTotal
Secure MCP Cloud for Enterprises
MCP Made Easy and secure - Onboard AI tools in a click.
Uncursing the ncurses: Memory corruption vulnerabilities found in library https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library/
Microsoft News
Uncursing the ncurses: Memory corruption vulnerabilities found in library
Attackers could have exploited memory corruption vulnerabilities in the ncurses library to elevate privileges, run code, & other actions.
Any sufficiently advanced uninstaller is indistinguishable from malware https://devblogs.microsoft.com/oldnewthing/20230911-00/?p=108749
Microsoft News
Any sufficiently advanced uninstaller is indistinguishable from malware
The common pattern of trying to delete yourself.
👍1🤯1
Bypassing UAC with SSPI Datagram Contexts https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
A detailed analysis of the Money Message Ransomware https://resources.securityscorecard.com/research/analysis-money-message-ransomware
Security Scorecard
[White Paper] A Detailed Analysis of The Money Message Ransomware
Konni Has Entered the Game: Exploiting WinRAR Vulnerability for Cyber Attacks https://deform.co/konni-has-entered-the-game-exploiting-winrar-vulnerability-for-cyber-attacks/
Deform
Konni Has Entered the Game: Exploiting WinRAR Vulnerability for Cyber Attacks - Deform
Groups of North Korean origin have long chosen the cryptocurrency sector as one of their targets, and until now, the main threat has come from the Lazarus
A Big Look at Security in OpenAPI https://blog.liblab.com/a-big-look-at-security-in-openapi/
Liblab
OpenAPI Security: Five types & best practices | Generate SDKs for your API with liblab
Explore OpenAPI security best practices. Learn the key methods and how they're implemented. See how liblab enhances SDK creation.
Tickling ksmbd: fuzzing SMB in the Linux kernel https://pwning.tech/ksmbd-syzkaller/
Pwning Tech
Tickling ksmbd: fuzzing SMB in the Linux kernel
Following the adventure of manually discovering network-based vulnerabilities in the Linux kernel, I'm adding ksmbd-fuzzing functionality to the already extensive kernel-fuzzing tool that is Syzkaller.
Fileless Remote Code Execution on Juniper Firewalls https://vulncheck.com/blog/juniper-cve-2023-36845
Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2023-38346) https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/
Pentagrid AG
Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2
CVE-2023-38346 is a directory traversal vulnerability in Wind River's tarExtract function in VxWorks discovered by Pentagrid during a penetration test and source code review.
How To Rotate, an open-source collection of API Key Rotation tutorials https://howtorotate.com/docs/introduction/getting-started/
How to Rotate Leaked API Keys
Getting Started
Welcome to How To Rotate, an open-source collection of API Key Rotation tutorials. Each tutorial provides step-by-step instructions on how to remediate a leaked API key security vulnerability by (1) Generating a new API key, (2) Replacing the compromised…
Remote Code Execution in Tutanota Desktop due to Code Flaw https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/
Sonarsource
Remote Code Execution in Tutanota Desktop due to Code Flaw
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented.
HDF5 - Multiple Memory Corruption Vulnerabilities https://pulsesecurity.co.nz/advisories/hdf5-memory-corruption
Pulse Security
HDF5 - Multiple Memory Corruption Vulnerabilities
Multiple memory corruption vulnerabilities were discovered in the LibHDF5 library including heap overflow, use-after-free and stack exhaustion.