Story of a Pentester Recruitment 2025 #PentesterRecruitment2025 #SilentSignal #EthicalHacking #WebApplicationTesting #VulnerabilitiesIdentification https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/
Silent Signal Techblog
Story of a Pentester Recruitment 2025
Because we can!
Millions of Accounts Vulnerable due to Google’s OAuth Flaw #GoogleOAuthFlaw #SensitiveDataRisk #MillionsAffected #TruffleSecurityCo #OauthVulnerability https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
Trufflesecurity
Millions of Accounts Vulnerable due to Google’s OAuth Flaw ◆ Truffle Security Co.
Millions of Americans can have their data stolen right now because of a deficiency in Google’s “Sign in with Google” authentication flow. If you’ve worked for a startup in the past - especially one that has since shut down - you might be vulnerable.
Laser Fault Injection on a Budget: RP2350 Edition #RP2350 #LaserFaultInjection #SecureBootBypass #CustomPlatform #RP2350HackingChallenge https://courk.cc/rp2350-challenge-laser
Courk's Blog
Laser Fault Injection on a Budget: RP2350 Edition
In August 2024, Raspberry Pi introduced the RP2350 microcontroller. This part iterates over the RP2040 and comes with numerous new features. These include security-related capabilities, such as a Secure Boot implementation. A couple of days after this announcement…
RSYNC: 6 vulnerabilities #osssecurity #RSYNC #vulnerabilities #opensource https://www.openwall.com/lists/oss-security/2025/01/14/3
Authentication bypass in Node.js websocket module and CSF requests #PSIRT #FortiGuardLabs #Vulnerability #AuthenticationBypass #CriticalSeverity https://fortiguard.fortinet.com/psirt/FG-IR-24-535
FortiGuard Labs
PSIRT | FortiGuard Labs
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 #Windows11 #VBS #HVCI #KFCT #ArbitraryReadWrite https://security.humanativaspa.it/from-arbitrary-pointer-dereference-to-arbitrary-read-write-in-latest-windows-11/
HN Security
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 - HN Security
In the last part of this Windows kernel exploitation series, we successfully exploited an arbitrary pointer dereference, bypassing SMEP and […]
EvilKnievelnoVNC: Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing #EvilKnievelnoVNC #MFAphishing #GitHub #Security #AI https://github.com/ms101/EvilKnievelnoVNC
GitHub
GitHub - ms101/EvilKnievelnoVNC: Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing
Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing - ms101/EvilKnievelnoVNC
2024 CVEs in Review https://vulnerability.blog/2025/01/14/2024-cves-in-review/
Vulnerability Blog
2024 CVEs in Review
Now that 2024 has come to its conclusion, I’ve decided to kick off a post outlining some observations, trends, and insights for the CVEs published. As always more information is available in …
CVE-2025-0282 #CVE-2025-0282 #AttackerKB #Rapid7 #Vulnerability #Exploited https://attackerkb.com/topics/WzjO6MNGY3/cve-2025-0282
AttackerKB
CVE-2025-0282 | AttackerKB
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gatewa…
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections #MicrosoftConfigurationManager #UnauthenticatedSQL #CriticalVulnerability #CVE-2024-43468 #RemoteCodeExecution https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
Synacktiv
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections
Hack The Emulated Planet: Vulnerability Hunting on Planet WGS-804HPT Industrial Switches #PlanetWGS804HPT #VulnerabilityHunting #EmulationTools #RemoteCodeExecution #ExploitDevelopment https://claroty.com/team82/research/hack-the-emulated-planet-vulnerability-hunting-on-planet-wgs-804hpt-industrial-switches
Claroty
Hack The Emulated Planet: Vulnerability Hunting on Planet WGS-804HPT Industrial Switches
Claroty Team82 used QEMU to emulate the relevant system components of Planet Technology Corp’s WGS-804HPT Industrial switch, and uncovered three vulnerabilities that could allow an attacker to remotely execute code on a vulnerable device. The vulnerabilities…
Bypassing disk encryption on systems with automatic TPM2 unlock #TPM2 #Security #DiskEncryption #PCRSelection #Vulnerability https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/
oddlama.org
Bypassing disk encryption on systems with automatic TPM2 unlock | oddlama's blog
oddlama's personal web page and blog
Let’s talk about AI and end-to-end encryption #AI #EndToEndEncryption #Privacy #DataProcessing #FutureConcerns https://blog.cryptographyengineering.com/2025/01/17/lets-talk-about-ai-and-end-to-end-encryption/
A Few Thoughts on Cryptographic Engineering
Let’s talk about AI and end-to-end encryption
Recently I came across a fantastic new paper by a group of NYU and Cornell researchers entitled “How to think about end-to-end encryption and AI.” I’m extremely grateful to see th…
SSD Advisory – cldflt Heap-based Overflow (PE) #SSDAdvisory #HeapBasedOverflow #CloudFiles #MicrosoftWindows #CVE-2024-30085 https://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe/
SSD Secure Disclosure
SSD Advisory - cldflt Heap-based Overflow (PE) - SSD Secure Disclosure
Summary: A vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. To exploit this vulnerability, an attacker must first obtain the ability to execute low-privileged code on the target system. The specific…
NaN Of Your Business - My Favorite Unintended CTF Solution #CTF #UnintendedSolution #NaN #FunChallenge #Educational https://maxwelldulin.com/BlogPost/NaN-Of-Your-Business-My-Favorite-Unintended-CTF-Solution
Strikeout Security Blog
NaN Of Your Business - My Favorite Unintended CTF Solution
Floats in C are weird. Floating point number rounding and NaN shenanigans to bypass security protections.
Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions #VulnerabilityArcheology #PasswordStealing #IBM #EthicalHacking #SilentSignalTechblog https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/
Silent Signal Techblog
Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions
Because we can!
Reverse Engineering Call Of Duty Anti-Cheat #ReverseEngineering #CallOfDuty #AntiCheat #Arxan #APIHookDetection https://ssno.cc/posts/reversing-tac-1-4-2025/
ssno
Reverse Engineering Call Of Duty Anti-Cheat
Interested in Anti-Cheat analysis? I highly recommend checking out Guided Hacking’s Anti-Cheat section. I’ve been reversing Black Ops Cold War for a while now, and I’ve finally decided to share my research regarding the user-mode anti-cheat inside the game.…
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… #ContecCMS8000 #ChineseBackdoor #VulnerabilityResearch #InsecureDesign #PatientMonitorSecurity https://claroty.com/team82/research/are-contec-cms8000-patient-monitors-infected-with-a-chinese-backdoor-the-reality-is-more-complicated
Claroty
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
Team82 investigated what CISA labeled a backdoor in the Contec CMS8000 patient monitoring system and concluded that the decision to include a hardcoded IP address is instead an insecure and risky design choice on the part of the vendor.
SSD Advisory – Palo Alto Expedition RCE (regionsDiscovery) https://ssd-disclosure.com/ssd-advisory-palo-alto-expedition-rce-regionsdiscovery/
SSD Secure Disclosure
SSD Advisory - Palo Alto Expedition RCE (regionsDiscovery) - SSD Secure Disclosure
Summary: A vulnerability in Palo Alto Expedition allows remote attackers who can reach the web interface to execute arbitrary code. Credit: An independent security researcher working with SSD Secure Disclosure. Vendor Response: Palo Alto has released the following…