Security Brief: TA866 Returns with a Large Email Campaign https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta866-returns-large-email-campaign
Proofpoint
Security Brief: TA866 Returns with a Large Email Campaign | Proofpoint US
What happened: Proofpoint researchers identified the return of TA866 to email threat campaign data, after a nine-month absence. On January 11, 2024, Proofpoint blocked a large volume
Exploiting null-dereferences in the Linux kernel https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
projectzero.google
Exploiting null-dereferences in the Linux kernel - Project Zero
Posted by Seth Jenkins, Project Zero. For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when the kernel was able t...
Emulating an iPod Touch 2G using QEMU https://devos50.github.io/blog/2023/ipod-touch-2g-qemu/
devos50.github.io
Emulating an iPod Touch 2G using QEMU | Martijn de Vos
My personal website.
$80M in Crypto Disappears Into Drainer-as-a-Service Malware Hell https://www.darkreading.com/cloud-security/80m-crypto-disappears-drainer-malware-hell
Dark Reading
$80M in Crypto Disappears Into Drainer-as-a-Service Malware Hell
The "Infernal Drainer" campaign represents a dangerous evolution in crypto-drainers, believably spoofing Coinbase and maintaining a vast infrastructure-for-rent biz.
A Full Analysis of the Pure Malware Family: Unique and Growing Threat https://any.run/cybersecurity-blog/pure-malware-family-analysis/
ANY.RUN's Cybersecurity Blog
Analysis of the Pure Malware Family: Unique and Growing Threat
Explore a detailed analysis of PureCrypter, PureLogs, and PureMiner, three representatives of the Pure malware family.
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs https://www.microsoft.com/en-us/security/blog/2024/01/17/new-ttps-observed-in-mint-sandstorm-campaign-targeting-high-profile-individuals-at-universities-and-research-orgs/
Microsoft News
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
A distinct subset of Mint Sandstorm targets high-profile individuals working on Middle Eastern affairs at universities and research orgs.
FriendsDontLetFriends: Friends don't let friends make certain types of data visualization - What are they and why are they bad. https://github.com/cxli233/FriendsDontLetFriends
GitHub
GitHub - cxli233/FriendsDontLetFriends: Friends don't let friends make certain types of data visualization - What are they and…
Pillow’s Critical Flaw: CVE-2023-50447 Exposes Python Projects to Risk https://securityonline.info/pillows-critical-flaw-cve-2023-50447-exposes-python-projects-to-risk/
Cybersecurity News
Pillow's Critical Flaw: CVE-2023-50447 Exposes Python Projects to Risk
Duarte Santos uncovered a critical vulnerability, CVE-2023-50447, that could potentially allow attackers to execute arbitrary code.
A Recipe for Scaling Security https://bughunters.google.com/blog/5896512897417216/a-recipe-for-scaling-security
Google
Blog: A Recipe for Scaling Security
There are vastly more engineers at Google dedicated to creating and maintaining new products than there are security engineers working to secure products. For this reason, Google security has to focus on operating at scale and find ways to make meaningful…
Fuzzer Development 1: The Soul of a New Machine https://h0mbre.github.io/New_Fuzzer_Project
The Human Machine Interface
Fuzzer Development 1: The Soul of a New Machine
Introduction && Credit to Gamozolabs: For a long time I’ve wanted to develop a fuzzer on the blog during my weekends and free time, but for one reason or another, I could never really conceptualize a project that would be not only worthwhile as an educational…
A lightweight method to detect potential iOS malware https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/
Securelist
Detecting iOS malware via Shutdown.log file
Analyzing Shutdown.log file as a lightweight method to detect indicators of infection with sophisticated iOS malware such as Pegasus, Reign and Predator.
Cactus Ransomware https://www.shadowstackre.com/analysis/cactus
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/
Horizon3.ai
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive
CVE-2024-0204 Fortra GoAnywhere MFT Deep-Dive and Indicators of Compromise. This blog details the authentication bypass which allows an unauthenticated attacker to add an administrative user to the application.
Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers https://blog.includesecurity.com/2024/01/improving-llm-security-against-prompt-injection-appsec-guidance-for-pentesters-and-developers/
Include Security Research Blog
Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers - Include Security Research Blog
Developers should be using OpenAI roles to mitigate LLM prompt injection, while pentesters are missing vulnerabilities in LLM design.
One shot, Triple kill: Pwning all three Google kernelCTF instances with a single 1-day Linux vulnerability https://kaist-hacking.github.io/pubs/2023/kim:kernel-ctf-slides.pdf
Few lesser known tricks, quirks and features of C https://jorenar.com/blog/less-known-c
Jorenar
Lesser known tricks, quirks, and features of C
Splunk RCE - PoC: Proof of concept exploit for CVE-2023-46214, SVD-2023-1104 https://github.com/nathan31337/Splunk-RCE-poc
GitHub
GitHub - nathan31337/Splunk-RCE-poc
Contribute to nathan31337/Splunk-RCE-poc development by creating an account on GitHub.