CVE-2023-46604-Attacking & Defending ActiveMQ https://www.prio-n.com/blog/cve-2023-46604-attacking-defending-ActiveMQ
PRIOn - AI Driven Vulnerablity Analysis & Prioritization
Blog - CVE-2023-46604-Attacking & Defending ActiveMQ - PRIOn
CVE-2023-46604 discloses a Remote Code Execution (RCE) flaw within Apache ActiveMQ. This vulnerability is trivial to exploit and its leveraged by threat actors.
SRE deep dive into Linux Page Cache https://biriukov.dev/docs/page-cache/0-linux-page-cache-for-sre/
Viacheslav Biriukov
Linux Page Cache for SRE
SRE deep dive into Linux Page Cache # Last updated: Oct 2025 Contents
Prepare environment for experiments Essential Page Cache theory Page Cache and basic file operations Page Cache eviction and page reclaim More about mmap() file access cgroup v2 and Page…
Prepare environment for experiments Essential Page Cache theory Page Cache and basic file operations Page Cache eviction and page reclaim More about mmap() file access cgroup v2 and Page…
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel https://blog.immunityinc.com/p/a-remote-stack-overflow-in-the-linux-kernel/?ref=0xor0ne.xyz
Immunity Inc. Blog
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel Appgate Threat Advisory Services (CANVAS) discovered a vulnerability, where local or remote exploitation can lead to denial of service and code execution. Read more on the discovery and how to remediate.…
BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses https://francozappa.github.io/post/2023/bluffs-ccs23/
Daniele Antonioli
BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses | Daniele Antonioli
Breaking and fixing the Bluetooth standard. One More Time.
Paper Slides Toolkit CVE-2023-24023 BT SIG note
Paper Slides Toolkit CVE-2023-24023 BT SIG note
Good series here on NAT >> Everything you never knew about NATs and wish you hadn't asked https://educatedguesswork.org/posts/nat-part-1/
educatedguesswork.org
Everything you never knew about NATs and wish you hadn't asked
In which I talk about NAT, but mostly dunk on IPv6
Extracting Training Data from ChatGPT https://not-just-memorization.github.io/extracting-training-data-from-chatgpt.html
GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ https://www.fortinet.com/blog/threat-research/gotitan-botnet-exploitation-on-apache-activemq
Fortinet Blog
GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ
FortiGuardLabs uncovers the ongoing exploits targeting CVE-2023-46604, with the emergence of a new Golang botnet "GoTitan". Learn more. …
DICOM Demystified: Exploring the Underbelly of Medical Imaging https://claroty.com/team82/research/dicom-demystified-exploring-the-underbelly-of-medical-imaging
Claroty
DICOM Demystified: Exploring the Underbelly of Medical Imaging
Decompilation Debugging https://clearbluejar.github.io/posts/decompilation-debugging-pretending-all-binaries-come-with-source-code/
clearbluejar
Decompilation Debugging
Debugging an application can provide the insight needed troubleshoot a subtle bug in your software. Normally, when debugging, you have source code and data type information (aka symbols) to help navigate your application. In the world of Reverse Engineering…
TRAP; RESET; POISON; - Taking over a country Kaminsky style https://sec-consult.com/blog/detail/taking-over-a-country-kaminsky-style/
SEC Consult
TRAP; RESET; POISON; - Taking over a country Kaminsky style
A technical deep dive on how to poison the DNS name resolution of an entire country!
Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service https://notes.valdikss.org.ru/jabber.ru-mitm/
👍1
A Detailed Look at Pwn2Own Automotive EV Charger Hardware https://www.zerodayinitiative.com/blog/2023/11/28/a-detailed-look-at-pwn2own-automotive-ev-charger-hardware
Zero Day Initiative
Zero Day Initiative — A Detailed Look at Pwn2Own Automotive EV Charger Hardware
In a previous blog, we took a look at the ChargePoint Home Flex EV charger – one of the targets in the upcoming Pwn2Own Automotive contest. In this post, dive in with even greater detail on all of the EV Chargers targeted in the upcoming Pwn2Own Automotive…
PoC Exploit for Windows NTLM Privilege Escalation Flaw (CVE-2023-21746) Published https://securityonline.info/poc-exploit-for-windows-ntlm-privilege-escalation-flaw-cve-2023-21746-published/
Daily CyberSecurity
PoC Exploit for Windows NTLM Privilege Escalation Flaw (CVE-2023-21746) Published
Two security researchers Andrea Pierini & Antonio Cocomazzi announced the release of PoC exploits code targeting the CVE-2023-21746 flaw
Bypassing a noexec by elf roping https://blog.xilokar.info/bypassing-a-noexec-by-elf-roping.html
blog.xilokar.info
Bypassing a noexec by elf roping
Analysis of CVE-2023-46214 + PoC https://blog.hrncirik.net/cve-2023-46214-analysis
Hacker-Blog
Analysis of CVE-2023-46214 + PoC
CVE-2023-46214 is a Remote Code Execution (RCE) vulnerability found in Splunk Enterprise which was disclosed on November 16, 2023 in the Splunk security advisory SVD-2023-1104. The description of the vulnerability essentially states that Splunk Enterprise…
🔥2
Rust std fs slower than Python!? No, it's hardware! https://xuanwo.io/2023/04-rust-std-fs-slower-than-python/
xuanwo.io
Rust std fs slower than Python!? No, it's hardware!
Achieving Data Freedom Through Open Source and Rust