The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248) #NAKIVOBackup #SecurityAgreement #ArbitraryFileRead #UnauthenticatedAccessVulnerability #BackupSolutions https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/
watchTowr Labs
The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248)
As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates - disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the only way to really ensure that no one ever uses information…
An inside look at NSA (Equation Group) TTPs from China’s lense #NSAChinaInteractions #ChineseCybersecurity #APT40 #WesternVsChineseIRMethods #NSAOps https://www.inversecos.com/2025/02/an-inside-look-at-nsa-equation-group.html
Inversecos
An inside look at NSA (Equation Group) TTPs from China’s lense
Modern Approach to Attributing Hacktivist Groups #HacktivismAttribution #CheckPointResearch #MachineLearning #LanguageAnalysis #CyberSecurity https://research.checkpoint.com/2025/modern-approach-to-attributing-hacktivist-groups/
Check Point Research
Modern Approach to Attributing Hacktivist Groups - Check Point Research
Research by: Itay Cohen (@megabeets_). Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact.…
Github scam investigation: Thousands of "mods" and "cracks" stealing your data #GithubScamInvestigation #ModsAndCracks #DataTheft #ScamRepositories #RedoxStealer https://timsh.org/github-scam-investigation-thousands-of-mods-and-cracks-stealing-your-data/
tim.sh
Github scam investigation: Thousands of "mods" and "cracks" stealing your data
How I found 1000+ malicious repositories spread on Github
Bypass AMSI in 2025 #AMSIbypass #IncidentResponse #CyberSecurity #GarantierteReaktion #CyberDefenseCenter https://www.r-tec.net/r-tec-blog-bypass-amsi-in-2025.html
www.r-tec.net
r-tec Blog | Bypass AMSI in 2025
This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China #Wallbleed #GreatFirewall #MemoryDisclosure #Vulnerability #NDSS25 https://gfw.report/publications/ndss25/en/
GFW Report
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China. Wallbleed caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted…
Substack Domain Takeover #Substack #blog #domain #takeover #security https://blog.nietaanraken.nl/posts/substack-domain-takeover/
Blog by Joren Vrancken
Substack Domain Takeover
Substack is a popular blogging platform. It allows writers to easily create their own personal blog, with payments, comments, analytics and other advanced features. Substack empowers writers to customize their blogs by adding a custom domain.
(full disclosure) MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client #OpenSSH #VerifyHostKeyDNSEnabledClient #MitMAttack #DoSAttack #Vulnerabilities https://seclists.org/fulldisclosure/2025/Feb/18
seclists.org
Full Disclosure: Re: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Massive security gaps discovered in building access systems #SecurityGaps #BuildingAccess #CyberCriminals #GlobalProblem #SensitiveData https://www.heise.de/en/news/Massive-security-gaps-discovered-in-building-access-systems-10301128.html
heise online
Massive security gaps discovered in building access systems
Cyber criminals can easily access building access systems worldwide. A study reveals the extent and causes.
Bypassing AMSI and Evading AV Detection with SpecterInsight #AmsiBypass #SpecterInsight #AVDetectionEvasion #PowerShellCradles #MalwareAnalysis https://practicalsecurityanalytics.com/bypassing-amsi-and-evading-av-detection-with-specterinsight/
Practical Security Analytics LLC
Bypassing AMSI and Evading AV Detection with SpecterInsight
Introduction: A few weeks ago, there was a post on Reddit asking for advice on how to get their AMSI bypass through Windows Defender without being detected. Recently, it has become much more difficu…
About GCC optimizing away signed overflow checks #GCC #IntegerOverflow #SecureCompiling https://x.com/effectfully/status/1875747430232162528?s=67
X (formerly Twitter)
effectfully (@effectfully) on X
There's an extremely funny thread on GCC Bugzilla about GCC optimizing away signed overflow checks.
The OP is bitching relentlessly about how unprofessional and stupid GCC developers responsible for this behavior are, but the best part is the OP getting…
Shattering the Rotation Illusion: Part 4 - Developer Forums #NHI #Security #DeveloperForums #AWSKeys #SecurityRisk https://www.clutch.security/blog/shattering-the-rotation-illusion-part4-developer-forums
Clutch Security
Shattering the Rotation Illusion: Part 4 - Developer Forums
Explore Clutch Security’s research on leaked AWS Access Keys in developer forums like Stack Overflow and Quora, revealing critical security…
Trigon: developing a deterministic kernel exploit for iOS #TrigonExploit #iOSKernel #Vulnerability #PhysicalMapping #KernelReadAndWrite https://alfiecg.uk/2025/03/01/Trigon.html
Alfie CG
Trigon: developing a deterministic kernel exploit for iOS (part 1)
Background Vulnerability Experimentation Arbitrary physical mapping Dynamically finding our mapping base Finding the kernel base A10(X) A11 Non-KTRR devices Virtual kernel read/write Page table panic Brandon Azad’s method PV head table (again) IOSurface kernel…
New Method to Leverage Unsafe Reflection and Deserialisation to RCE on Rails #RailsRCE #UnsafeReflection #DeserialisationGadget #SQLite3 #RubyonRails https://www.elttam.com/blog/rails-sqlite-gadget-rce/
Elttam
New Method to Leverage Unsafe Reflection and Deserialisation to RCE on Rails - elttam
elttam is a globally recognised, independent information security company, renowned for our advanced technical security assessments.
CVSS-Threat Enhanced (CVSS-TE) Vulnerability Lookup #CVSS-TE #VulnerabilityLookup #ThreatEnhanced #CVE #ThreatIntelligence https://kston83.github.io/cvss-te/
kston83.github.io
CVSS-TE Vulnerability Lookup
Enhanced vulnerability scoring system combining CVSS with threat intelligence
Case Study: Analyzing macOS IONVMeFamily Driver Denial of Service Issue #macOS #DriverIssue #DenialofService #AFINE #Cybersecurity https://afine.com/case-study-analyzing-macos-ionvmefamily-driver-denial-of-service-issue/
AFINE - digitally secure
Case Study: Analyzing macOS IONVMeFamily Driver Denial of Service Issue - AFINE - digitally secure
The discovery of a DoS in the macOS NS_01 driver within Apple’s IONVMeFamily, offering insights into integer overflow detection, and crash analysis.
Ransomhub Ransomware: Double-Extortion Attack and How to Defend #Ransomhub #DoubleExtortion #Attack #Defend #SecConsult https://sec-consult.com/blog/detail/ransomhub-ransomware-gang/
SEC Consult
Ransomhub Ransomware: Double-Extortion Attack and How to Defend
Cyberattacks are constantly evolving, and ransomware remains a critical threat. We recently encountered the RansomHub ransomware group, which leverages double-extortion tactics against businesses and critical infrastructure. In this blog post, we share key…
Cybersecurity ROI Explained: “Why Investing in Penetration Testing Saves Your Business” #CybersecurityROI #PenetrationTesting #SaveBusiness #LaburityResearch #CybersecurityStrategy https://laburity.com/cybersecurity-roi-explained-why-investing-in-penetration-testing-saves-your-business/
Laburity - Cyber Security Services
Cybersecurity ROI Explained: “Why Investing in Penetration Testing Saves Your Business” - Laburity
Introduction: Cybersecurity has to be a major concern for businesses in light of the growing cyber threats and increased regulatory pressure. A single breach can cost a business dearly, financially, and reputation-wise. Investing in the operation of security…
Understanding and Mitigating TOCTOU Vulnerabilities in C# Applications #TOCTOU #Csharp #SecureCoding #Vulnerabilities #Mitigation https://afine.com/understanding-and-mitigating-toctou-vulnerabilities-in-c-applications/
AFINE - digitally secure
TOCTOU Vulnerabilities in C# Applications: Mitigation - AFINE - digitally secure
Learn TOCTOU mitigation for C# apps. Atomic operations, file locking, and race condition defenses for Windows developers.
How Beyond Gravity, a leading Swiss aerospace company, is fortifying cybersecurity: a real-life success story #BeyondGravity #Cybersecurity #SuccessStory #SECConsult #SwissAerospaceCompany https://sec-consult.com/blog/detail/beyond-gravity-success-story/
SEC Consult
How Beyond Gravity, a leading Swiss aerospace company, is fortifying cybersecurity: a real-life success story
In the highly sensitive aerospace industry, a comprehensive and proactive security strategy is paramount for companies to meet long-term security standards and protect against cyber threats.