Microsoft Edge Developer VM Remote Code Execution #MicrosoftEdge #RemoteCodeExecution #InfoSec #Puppet #VMCompromise https://infosec.rm-it.de/2025/02/17/microsoft-edge-developer-vm-remote-code-execution/
Everyday Ghidra: How Platform Choice Influences Ghidra’s Binary Analysis #GhidraPlatformChoice #BinaryAnalysis #Windows #MacOS #ReverseEngineering https://medium.com/@clearbluejar/everyday-ghidra-how-platform-choice-influences-ghidras-binary-analysis-76c40db0e407
Where you choose to “fly your dragon” truly matters. Learn the RE impacts of your runtime platform.
How to prove false statements? (Part 3) #ProofingFalseStatements #CryptographicEngineering #FiatShamir #WeakChallenges #SecurityGuarantees https://blog.cryptographyengineering.com/2025/02/19/how-to-prove-false-statements-part-3/
This is the third and penultimate post in a series about theoretical weaknesses in Fiat-Shamir as applied to proof systems. The first post is here, the second post is here, and you should probably …
ransacked: 119 vulnerabilities in LTE/5G core infrastructure #CellularSecurity #FloridaInstituteForCybersecurityResearch #LTE #5G #Vulnerabilities https://cellularsecurity.org/ransacked
JDBG: Java Dynamic Reverse Engineering and Debugging Tool #JDBG #JavaDynamicReverseEngineering #DebuggingTool #GitHub #OpenSource https://github.com/roger1337/JDBG
Exploring OpenSSH's Agent Forwarding RCE (CVE-2023-38408) #OpenSSH #AgentForwarding #RCE #CVE-2023-38408 #vsociety https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408
The Burn Notice, Part 1/5 — Revealing Shadow Copilots #TheBurnNotice #AIAgents #DataExtraction #CybersecurityThreats #CopilotStudio https://medium.com/@attias.dor/the-burn-notice-part-1-5-revealing-shadow-copilots-812def588a7a
How We Extracted Financial Data from a Multi-Billion-Dollar Company
keycred: Generate and Manage KeyCredentialLinks #GitHub #Keycred #Generate #Manage #KeyCredentialLinks https://github.com/RedTeamPentesting/keycred
Removing Jeff Bezos From My Bed #RemovingJeffBezos #TruffleSecurityCo #AIcodingrisks #IoTprivacyconcerns #SleepSolution https://trufflesecurity.com/blog/removing-jeff-bezos-from-my-bed
Eight Sleep smart bed found to contain an exposed AWS key and a likely backdoor that allowed engineers to remotely access users' beds
Abusing VBS Enclaves to Create Evasive Malware https://www.akamai.com/blog/security-research/2025-february-abusing-vbs-enclaves-evasive-malware
Learn how attackers can abuse VBS enclaves, a Windows security feature, for malicious purposes.
Mixing up Public and Private Keys in OpenID Connect deployments #OpenIDConnect #PublicPrivateKeyConfusion #ShortRSAKeys #CryptographyVulnerabilities #BetterSecurityPractices https://blog.hboeck.de/archives/909-Mixing-up-Public-and-Private-Keys-in-OpenID-Connect-deployments.html
Windows Process Internals: A few Concepts to know before jumping on Memory Forensics [Part 4] — VADs #MemoryForensics #VADstructures #KernelMemory #FileMapping #MemoryProtection https://imphash.medium.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-part-4-16c47b89e826
What is Virtual Address Descriptor (VAD)?
A Random and Simple Tip: Advanced Analysis of JNI Methods Using Frida #JNI #Frida #NativeCode #SecurityAnalysis #PerformanceEnhancement https://revflash.medium.com/a-random-and-simple-tip-advanced-analysis-of-jni-methods-using-frida-8b948ffcc8f5
In this article, I will share a tip for those interested in performing a more detailed analysis of the behavior of native methods, with a…
The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248) #NAKIVOBackup #SecurityAgreement #ArbitraryFileRead #UnauthenticatedAccessVulnerability #BackupSolutions https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/
As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates - disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the only way to really to ensure that no one ever uses information…
An inside look at NSA (Equation Group) TTPs from China’s lense #NSAChinaInteractions #ChineseCybersecurity #APT40 #WesternVsChineseIRMethods #NSAOps https://www.inversecos.com/2025/02/an-inside-look-at-nsa-equation-group.html
Modern Approach to Attributing Hacktivist Groups #HacktivismAttribution #CheckPointResearch #MachineLearning #LanguageAnalysis #CyberSecurity https://research.checkpoint.com/2025/modern-approach-to-attributing-hacktivist-groups/
Research by: Itay Cohen (@megabeets_) Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact.…
Github scam investigation: Thousands of "mods" and "cracks" stealing your data #GithubScamInvestigation #ModsAndCracks #DataTheft #ScamRepositories #RedoxStealer https://timsh.org/github-scam-investigation-thousands-of-mods-and-cracks-stealing-your-data/
How I found 1000+ malicious repositories spread on Github
Bypass AMSI in 2025 #AMSIbypass #IncidentResponse #CyberSecurity #GarantierteReaktion #CyberDefenseCenter https://www.r-tec.net/r-tec-blog-bypass-amsi-in-2025.html
This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China #Wallbleed #GreatFirewall #MemoryDisclosure #Vulnerability #NDSS25 https://gfw.report/publications/ndss25/en/
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China. Wallbleed caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted…