Security Operations


A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
176
 
 

Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigurations::Using the open source programs/platform, anyone can scan millions of public buckets at once using certain keywords. Typically, buckets...

177
 
 

Insecure URL handler (Electron) in iRacing leading to RCE in the client - bug discovery and exploit::I’ve recently been looking into iRacing, which is an online racing simulation video game.

178
 
 

Defeating Visual Studio Code embedded reverse shell::Visual Studio Code tunnel. Introduction: Since July 2023, Microsoft is offering the perfect reverse shell, embedded inside Visual Studio Code, a widely used …

179
 
 

Cryptomining malware detected on a Russian thesaurus with 5 Million+ monthly visits::Leading provider of cybersecurity solutions: Threat Intelligence, antifraud, anti-APT. Protect better, respond faster to network security attacks and threats.

180
5
The WebP 0day (blog.isosceles.com)
submitted 1 year ago by L4s to c/secops
 
 

The WebP 0day::Early last week, Google released a new stable update for Chrome. The update included a single security fix that was reported by Apple's Security Engineering and Architecture (SEAR) team. The issue, CVE-2023-4863, was a heap buffer overflow in the WebP image library, and it had a familiar warning attached:

"Google

181
 
 

New ways to inject system CA certificates in Android 14::A couple of weeks ago I published a post about changes in Android 14 that fundamentally break existing approaches to installing system-level…

182
 
 

RCE in Tutanota Desktop: How a single email could compromise your machine::Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented.

183
 
 

Howtorotate.com - Open Source Guides on Key Rotations from the Most Popular Providers

184
2
submitted 1 year ago by L4s to c/secops
 
 

DEF CON 31 Main Stage Talks

185
3
submitted 1 year ago by L4s to c/secops
 
 

When MFA isn't actually MFA::Due to a recent Google change, MFA isn't truly MFA.

186
 
 

CVE-2022-32947: macOS GPU-launched kernel privilege escalation exploit (walkthrough slides + demo)

187
 
 

A Big Look at Security in OpenAPI

188
2
submitted 1 year ago by L4s to c/secops
 
 

The bogus CVE problem

189
 
 

Konni has entered the game: A new, possibly North Korean group exploits WinRAR vulnerability for cyberattacks.::Groups of North Korean origin have long chosen the cryptocurrency sector as one of their targets, and until now, the main threat has come from the Lazarus

190
 
 

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree::GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

191
 
 

Column-Level Encryption 101: What is It, implementation & Benefits::Explore the advantages of column-level encryption and understand database encryption methods and related security implications.

192
 
 

CVE-2023-38146: Arbitrary Code Execution via Windows Themes

193
 
 

3.5 TB of data stolen from Datadvance: NDAs, scripts, and contracts leaked::Today, the telegram channel of the infamous darknet forum reported that hackers had broken into the infrastructure of Datadvance and its pSeven platform,

194
 
 

GitHub - boringtools/git-alerts: A Public Git repository & misconfiguration detection tool

195
 
 

“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts

196
4
submitted 1 year ago by L4s to c/secops
 
 

Rustproofing Linux (Part 1/4 Leaking Addresses)::Rust is a programming language guaranteeing memory and thread safety while still being able to access raw memory and hardware. This sounds impossible, and it is, that’s why Rust has an unsafe keyword which allows a programmer to dereference a raw pointer and perform some other dangerous operations. The dangerous code is effectively contained to…

197
 
 

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild::Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

198
 
 

Boot Unguarded: x86 Trust Anchor Downfalls to The Leaked OEM Internal Tools and Signing Keys

199
 
 

XSS vulnerability in Proton Mail allowed to leak unencrypted emails::The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.

200
 
 

Live API Keys and Source Code Leaked in 4,500 of the Top Alexa Sites
