An Introduction into Stack Spoofing https://dtsec.us/2023-09-15-StackSpoofin/
Nigerald's blog
An Introduction into Stack Spoofing
And losing my sanity against Elastic
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples https://www.embeeresearch.io/advanced-cyberchef-operations-netsupport/
Embee Research
Advanced CyberChef Techniques For Malware Analysis - Detailed Walkthrough and Examples
Advanced CyberChef techniques using Registers, Regex and Flow Control
How I Escalated a Time-Based SQL Injection to RCE https://infosecwriteups.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398
Medium
How I Escalated a Time-Based SQL Injection to RCE
Good day everyone! I hope all of you are doing well.
New WiFi Authentication Vulnerabilities Discovered https://www.top10vpn.com/research/wifi-vulnerabilities/
Top10Vpn
New WiFi Authentication Vulnerabilities Discovered
Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.
Hacking Terraform State for Privilege Escalation https://blog.plerion.com/hacking-terraform-state-privilege-escalation/
Plerion
Hacking Terraform State for Privilege Escalation
What can an attacker do if they can edit Terraform state? The answer should be 'nothing' but is actually 'take over your CI/CD pipeline'.
Keylogging in the Windows Kernel with undocumented data structures https://eversinc33.com/posts/kernel-mode-keylogging.html
Hidden GitHub Commits and How to Reveal Them https://neodyme.io/en/blog/github_secrets/
neodyme.io
Hidden GitHub Commits and How to Reveal Them
We have created a tool for GitHub that can reveal commits that potentially contain sensitive information and are not accessible via the public Git history, but that may be of interest or were intentionally deleted.
Threat Brief: WordPress Plugin Exploit Leads to Godzilla Web Shell, Discovery & New CVE https://thedfirreport.com/2024/03/04/threat-brief-wordpress-exploit-leads-to-godzilla-web-shell-discovery-new-cve/
The DFIR Report
Threat Brief: WordPress Plugin Exploit Leads to Godzilla Web Shell, Discovery & New CVE
Below is a recent Threat Brief that we shared with our customers. Each year, we produce over 20 detailed Threat Briefs, which follow a format similar to the below. Typically, these reports include …
On Loaded vs. Executed Libraries During Runtime – What This Means for Reachability https://www.oligo.security/blog/loaded-vs-executed-libraries
www.oligo.security
On Loaded vs. Executed Libraries During Runtime | Oligo Security
The Application Security domain has evolved significantly over the last decade. It’s no surprise then, that with this evolution, comes a jungle of tools that not only causes a lot of confusion, but also a lot of noise, and overlapping messages.
Code injection on Android without ptrace https://erfur.github.io/blog/dev/code-injection-without-ptrace
erfur's bits and pieces
Code injection on Android without ptrace
Evasive Panda leverages Monlam Festival to target Tibetans https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/
Welivesecurity
Evasive Panda leverages Monlam Festival to target Tibetans
ESET research uncovers a cyberespionage campaign that has been victimizing Tibetans through targeted watering hole (also known as a strategic web compromise) and supply-chain compromise attacks
Lord Nemesis Strikes: Supply Chain Attack on the Israeli Academic Sector https://op-c.net/blog/lord-nemesis-strikes-supply-chain-attack-on-the-israeli-academic-sector/
OP Innovate - Premium Application Penetration testing and Incident Response
Lord Nemesis Strikes: Supply Chain Attack on the Israeli Academic Sector - OP INNOVATE
Lord Nemesis, an Iranian hacktivist group, breaches Rashim Software and its Israeli academic clients in a supply chain attack. Learn about the attack, the risks posed by third-party vendors, and how organizations can strengthen their defenses against politically…
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout https://research.aurainfosec.io/pentest/git-rotate/
Aura Research Division
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout
Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-Based blocking such as Entra Smart lockout.
Donex ransomware https://www.shadowstackre.com/analysis/donex
Behind the doors of a Chinese hacking company, a sordid culture fuelled by influence, alcohol and sex https://www.ctvnews.ca/world/behind-the-doors-of-a-chinese-hacking-company-a-sordid-culture-fuelled-by-influence-alcohol-and-sex-1.6799679
CTVNews
Behind the doors of a Chinese hacking company, a sordid culture fuelled by influence, alcohol and sex
A highly unusual leak last month of internal documents from a private contractor linked to China's government and police revealed the sordid wheeling and dealing that takes place behind the scenes in China's hacking industry.
Analyze installed Android applications for security risks in Termux https://www.mobile-hacker.com/2024/03/11/analyze-installed-android-applications-for-security-risks-in-termux/
Mobile Hacker
Analyze installed Android applications for security risks in Termux
I will show you how to install and run it on a non-rooted Android device using the Termux app. This brings the convenience of analyzing Android apps directly on the device.
CVE-2024–23897 – Arbitrary file read in Jenkins https://blog.securelayer7.net/arbitrary-file-read-in-jenkins/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE-2024–23897 – Arbitrary file read in Jenkins
Overview: CVE-2024–23897 is a critical vulnerability discovered in Jenkins, with a high CVSS score of 9.8. This vulnerability allows the attacker to read files in the system through Command-Line...
NextChat: An AI Chatbot That Lets You Talk to Anyone You Want To https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/
Horizon3.ai
NextChat: An AI Chatbot That Lets You Talk to Anyone You Want To
NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.
Introduction to LLM Security https://blog.cloudsecuritypartners.com/introduction-to-llm-security/
Cloud Security Partners Blog
Introduction to LLM Security
In the dynamic world of AI today, Large Language Models (LLMs) stand out as one of the most interesting and capable technologies. The ability to answer arbitrary prompts has numerous business use cases. As such, they are rapidly being integrated into a variety…