Security Operations


A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
MODERATORS
L3s

Extending Burp Suite for fun and profit - The Montoya way - Part 3::Setting up the environment + Hello […]


Critical Vulnerabilities in Citrix ADC and Citrix Gateway: Patch now!::Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467


Biden-Harris Administration Announces Cybersecurity Labeling Program for Smart Devices to Protect American Consumers::Leading electronics and appliance manufacturers and retailers make voluntary commitments to increase cybersecurity on smart devices, help consumers choose products that are less vulnerable to cyberattacks. “U.S. Cyber Trust Mark” is the latest in a series of actions President Biden and the Biden-Harris Administration have taken to protect hard-working families. The Biden-Harris Administration today announced a…


Streamlining Websocket Pentesting with wsrepl::Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.

submitted 2 years ago by L4s to c/secops

A technical analysis of the Quasar-forked RAT called VoidRAT::VoidRAT is based on the open-source RAT called Quasar. The malware steals information from web browsers and applications such as FileZilla and WinSCP. It also implements a keylogger functionality that saves and exfiltrates the pressed keys.


Email hack prompts call for Microsoft to make security logs free


Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer::Threat actor “La_Citrix” is known for hacking companies — he accidentally infected his own computer and likely ended up selling it without noticing.


How We Found Another GitHub Actions Environment Injection Vulnerability in a Google Project::Legit Security | This blog shows another case of GitHub Actions environment injection vulnerability in a Google repository.


GitHub - FourCoreLabs/LolDriverScan: Scan vulnerable drivers on Windows System::Contribute to FourCoreLabs/LolDriverScan development by creating an account on GitHub.


SonicWall GMS Critical Vulnerabilities Announced | Patches Released::SonicWall has recently disclosed several vulnerabilities in their Global Management System (GMS) and Analytics products. Learn impact, mitigation, and risks.

submitted 2 years ago by L4s to c/secops

I’m back from Lille, France, where I attended the sixth edition of the conference called “Pass The Salt”. This event focuses on security but around free software. Vendors are not welcome to promote their solutions! Christophe from the crew introduced the event. Basically, it remains the same: a lot of


The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and others.


Use Spartacus to neutralise AMSI system-wide, without having to patch memory


Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email


Microsoft has warned of six unpatched zero-day vulnerabilities, including CVE-2023-36884, being exploited by attackers for financial and espionage motives. No patches are available for CVE-2023-36884; find the mitigations and detections to prevent CVE-2023-36884.


CVE-2023-35803 - An adventure in finding and exploiting a buffer overflow in Extreme Networks/Aerohive Wireless Access Points

submitted 2 years ago by L4s to c/secops

Open source platform security


A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities - GitHub - Anof-cyber/Pentest-Mapper: A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities


The Google Search Appliance (hereinafter referred to as GSA) is an enterprise search device launched by Google in 2002, used for indexing and retrieving internal or public network information


Slinky Cat has been developed to automate some of the methods introduced in living off the land and to supplement ScrapingKit, to help security and IT teams reduce their AD exposures and uncover quick wins and fixes designed for pen-testers and defenders alike.


The intention of this post is to provide basic queries for targeted AD DS information gathering used in penetration testing. The reader can


In a recent investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.
