๐ A Comprehensive Analysis of the 3CX Attack | | Mar 31, 2023 5:39 PM | 3CXSupply-chainCTILazarus |
๐ช Vulkan files leak, a rare look into Russian cyberwarfare tactics | | Mar 31, 2023 2:36 PM | ะ ะพััะธัLeakCyberWarfare |
๐งฆ CVE-2023-21768 _ Pwning Windows Ancillary Function Driver for WinSock (afd.sys) | | Mar 30, 2023 7:03 PM | WindowsAFDLPEWinSock |
๐ฆ CVE-2022-47522 _ MacStealer: Wi-Fi Client Isolation Bypass | | Mar 30, 2023 6:54 PM | WiFiContext Override |
๐งฟ ARM TrustZone: pivoting to the secure world | | Mar 28, 2023 6:59 PM | AndroidARMTrustZoneACE |
๐คธโโ๏ธ CVE-2023-27326 _ Parallels Toolgate VM Escape | | Mar 20, 2023 6:28 PM | MacOSParallelsVMEscape |
๐ BlackLotus UEFI bootkit: Myth confirmed | | Mar 19, 2023 1:40 PM | UEFIBootkitBlackLotusCTI |
๐ค CVE-2022-25664 _ The code that wasn't there: Reading memory on an Android device by accident | | Mar 19, 2023 1:28 PM | AndroidAdrenoKASLR |
๐ฅ A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM | | Mar 19, 2023 11:41 AM | BiosSMMUEFIIntel |
๐ชก Userland exploit chain to dump the memory of any Windows PPL process | | Mar 19, 2023 10:48 AM | WindowsLSASSPPL |
๐ CVE-2023-1017/18 _ Vulns in TPM 2.0 reference implementation code | | Mar 18, 2023 4:43 PM | TPMOOBEscape |
๐ณ Defining the Cobalt Strike Reflective Loader | | Mar 17, 2023 7:20 PM | Cobalt-StrikeReflectiveLoader |
๐ก CVE-2023-25136 _ OpenSSH Pre-Auth Double Free | | Mar 17, 2023 7:00 PM | OpenSSHDouble-FreeOpenBSD |
๐ช CVE-2023-23397 _ Microsoft Outlook EoP | | Mar 17, 2023 6:13 PM | OutlookWindowsEoPNTLM |
๐ฃ Multiple Internet to Baseband RCE Vulns in Exynos Modems | | Mar 17, 2023 5:05 PM | BasebandRCEExynosAndroid |
๐ผ๏ธ CVE-2022-44268/7 _ ImageMagick: The hidden vulnerability behind your online images | | Feb 9, 2023 12:32 AM | ImageMagickRemote Leak |
๐ CVE-2023-21608 _ Adobe Acrobat Reader resetForm RCE | | Feb 7, 2023 8:24 PM | AdobeAcrobatRCE |
๐ชต VMSA-2023-0001 _ VMware vRealize Log Insight Multiple Vulns | | Jan 31, 2023 11:00 PM | VMWarevRealize |
๐ CVE-2022-34689 _ Exploiting a Critical Spoofing Vuln in Windows CryptoAPI | | Jan 30, 2023 11:17 PM | WindowsMD5CryptoAPI |
๐ซ how to completely own an airline in 3 easy steps | | Jan 29, 2023 11:35 PM | jenkinsaviationnofly |
๐ CVE-2023-23504 _ XNU Heap Underwrite in dlil.c | | Jan 26, 2023 11:49 PM | AppleXNUMacOSiOS |
๐ฃ CVE-2022-38181 _ yet another Arm Mali GPU Android exploit | | Jan 25, 2023 11:36 PM | AndroidMaliARM |
๐ช CVE-2022-42864 _ Diabolical Cookies on iOS/MacOS | | Jan 23, 2023 10:26 PM | iOSMacOSApple |
๐ฌ CVE-2023-24068/69 _ Abusing Signal Desktop for fun & Espionage | | Jan 23, 2023 10:24 PM | SignalDesktop |
๐ง CVE-2023-0179 _ Linux kernel stack buffer overflow in nftables | | Jan 22, 2023 11:56 PM | LINUXKERNELNFTables |
โ ๏ธ making malware with VX-API | | Jan 18, 2023 5:29 PM | VX-APIDevelopment |
๐ Prototype Pollution in Python | | Jan 18, 2023 5:00 PM | PythonPrototype |
๐ Unlocking LockBit, a Ransomware story | | Jan 17, 2023 8:11 PM | LockBitRansomware |
๐ฏ Xdr33, A Variant Of CIAโs HIVE Attack Kit | | Jan 10, 2023 11:02 PM | XDR33HIVEC2 |
๐ง The OWASSRF + TabShell exploit chain | | Jan 9, 2023 10:59 PM | ExchangeOWASSRFTabShell |
๐ฒ Game Of Active Directory, PWNING is coming! | | Jan 7, 2023 5:12 PM | Active DirectoryLab |
๐ Blindside: EDR Evasion with Hardware Breakpoints | | Jan 2, 2023 11:20 PM | WindowsEDREvasion |
๐ Precious Gemstones: The New Generation of Kerberos Attacks | | Jan 2, 2023 10:59 PM | KerberosWindowsAD |
๐ธ๏ธ Netcomm Unauthenticated RCE Vuln | | Jan 2, 2023 7:39 PM | NETCOMMNF20MESH |
๐ต CVE-2022-46169 _ Cacti Unauthenticated Command Injection | | Jan 2, 2023 11:09 AM | CactiPHP |
๐ฆบ Exciting approaches to memory safety | | Jan 1, 2023 11:09 PM | memorysafetymitigationsarchitectures |
โ ๏ธ CVE-2022-41082/80 _ OWASSRF, Bypassing ProxyNotShell Mitigations | | Jan 1, 2023 4:55 PM | OWASSRFExchange |
๐น MeshyJSON, A TP-Link tdpServer JSON Stack Overflow | | Jan 1, 2023 11:08 AM | TP-LinkArcher AX21 |
๐ฆ VLAN Hopping techniques | | Dec 31, 2022 1:06 PM | VLANNetworkingCISCO |
๐ถ๏ธ Spice up your persistence loading PHP extensions from memory | | Dec 31, 2022 12:07 PM | PHP ExtensionsX-C3LL |
๐ Firebase is Insecure by Default | | Dec 31, 2022 11:43 AM | FirebaseFizz |
๐ถ๐ฟโโ๏ธ SilentMoonwalk: Implementing a dynamic Call Stack Spoofer | | Dec 18, 2022 11:19 PM | WindowsStackSpoofing |
๐ฆ CVE-2022-28672 _ Foxit PDF Reader UAF RCE | | Dec 18, 2022 10:46 PM | FoxitPDFWindows |
๐ฉธ CVE-2022-4543 _ EntryBleed: Breaking KASLR under KPTI with Prefetch | | Dec 18, 2022 10:31 PM | LINUXKASLRKPTI |
๐ชค Huawei Secure Monitor Vulnerabilities | | Dec 15, 2022 6:58 PM | AndroidHuaweiATFSecure Monitor |
๐งจ FOISted, remote exploit for MikroTikโs RouterOS 6 | | Dec 15, 2022 6:25 PM | MikroTikRouterOSJailBreak |
๐บ IIS modules: The evolution of web shells | | Dec 14, 2022 7:13 PM | WindowsIISWebShell |
๐ชฃ Atlassian Session Hijacking (& 2FA bypass) using stolen JWTs | | Dec 14, 2022 6:53 PM | BitBucketJiraConfluence |
๐ง CVE-2022-42703 _ Bringing back the stack attack to Linux (kernel) | | Dec 13, 2022 8:12 PM | LINUXKERNEL |
๐ก Fuzzing ping(8)โฆ and finding a 24 year old bug. | | Dec 13, 2022 7:53 PM | OpenBSDPingAFL |
๐ฅ {JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF | | Dec 9, 2022 3:01 PM | JSONSQLiAntiWAF |
๐ฅ CVE-2022-4059/42 _ Supply Chain Vulns Put Server Ecosystem At Risk | | Dec 9, 2022 2:38 PM | BMC&CAMIMegaRACRedfishIPMI |
๐ฅ Multiple Zero-Day Vulnerabilities in Leading EDRs and AVs | | Dec 9, 2022 2:04 PM | FUDAntiEDRAV |
๐ฅ CVE-2022-3328 _ Snapd Race condition in snap-confine | | Dec 9, 2022 1:43 PM | SnapdUbuntu |
๐ช CVE-2022-41057 _ Windows 11 HTTP.SYS Kerberos PAC EoP | | Dec 9, 2022 12:08 PM | WindowsHTTP.SYSKerberos |
โ ๏ธ CVE-2022-41034 _ Visual Studio Code RCE | | Dec 9, 2022 11:09 AM | VSCodeRCE |
๐ CVE-2022-41120 _ Sysmon EoP Abusing Arbitrary File Deletes | | Dec 8, 2022 11:44 PM | EoPWindows |
๐ก 6G - The Sixth Generation Mobile Network | | Dec 8, 2022 11:20 PM | 6GMobileCellularNetwork |
๐ช In The Box - Mobile Malware Webinjects Marketplace | | Dec 8, 2022 10:11 PM | Dark MarketsWebinjects |
๐ Cobalt Strike Memory Analysis | | Dec 8, 2022 7:36 PM | Cobalt-StrikeKoboldLithiumMagnetLoader |
๐ก๏ธ The Defenderโs Guide to the Windows Registry | | Dec 8, 2022 7:11 PM | WindowsRegistryBlue |
๐ฅ The Intel PPAM attack story | | Dec 7, 2022 7:53 PM | PPAMSMMAMIFirmware |
๐ CVE-2022-25765 _ Command Injection in pdfkit | | Dec 7, 2022 7:52 PM | pdfkitruby |
โญ Discover Redigo โ New Redis Backdoor Malware | | Dec 6, 2022 10:50 PM | RedisRedigoCVE-2022-0543 |
๐ฐ๏ธ Dumping and extracting the SpaceX Starlink User Terminal firmware | | Dec 6, 2022 10:49 PM | StarlinkSpaceXReverse |
๐ถ TP-Link WR940N N-Day turns into a 0day | | Dec 5, 2022 7:48 PM | TP-LinkWR940N |
๐ฆ
CVE-2022-44721 _ Crowdstrike Falcon Uninstaller
| | Dec 5, 2022 7:44 PM | CVE-2022-2841CrowdStrikeFalcon |
๐ซ CVE-2022-31358 _ Multiple Vulns in Proxmox VE & Mail Gateway | | Dec 4, 2022 11:53 AM | ProxmoxXSSCRLFSSRF |
๐ผ Hitching a ride with Mustang Panda | | Dec 4, 2022 11:23 AM | APTWindows |
๐ฐ HTTP Desync Attack (Request Smuggling) | | Dec 4, 2022 12:52 AM | HTTP DesyncSmuggling |
โ๏ธ CVE-2022-4116 _ zero-day flaw in Quarkus Java framework | | Dec 4, 2022 12:25 AM | QuarkusCORS |
โ Hacking Smartwatches for Spear Phishing | | Dec 2, 2022 11:28 PM | SmartwatchBLE |
๐ Blasting Event-Driven Cornucopia - WMI edition | | Dec 2, 2022 11:00 PM | WMIDKOMSandbox |
๐ค Huawei Security Hypervisor Vulnerability | | Dec 1, 2022 10:49 PM | AndroidHuaweiHypervisor |
๐ Hellโs Keychain: Supply-chain vuln in IBM Cloud PostgreSQL | | Dec 1, 2022 10:01 PM | IBMSupply-chain |
๐ฆท CVE-2022-42895/6 _ Linux Kernel Infoleak & UAF in Bluetooth L2CAP | | Nov 30, 2022 6:55 PM | LINUX |
โ๏ธ chip-to-cloud 'eID' logic vulnerabilities | | Nov 30, 2022 6:43 PM | eIDReverse |
๐น Xiongmai IoT Exploitation | | Nov 29, 2022 11:43 PM | NVRIoTXiongmai |
๐ Bypass Android SSL Pinning & Intercept Proxy Unaware apps | | Nov 27, 2022 5:19 PM | AndroidReverseSSL |
โ๏ธ Linux & Windows Password Mining | | Nov 27, 2022 4:06 PM | LateralPrivEscPassword |
๐ฅ Zero-to-Hero Dom Clobbering | | Nov 27, 2022 3:23 PM | DOMJSXSS |
๐ Exploiting an N-day vBulletin PHP Object Injection Vulnerability | | Nov 27, 2022 11:23 AM | vBulletinPOP Chain |
๐ APT41โs New Subgroup: Earth Longzhi | | Nov 26, 2022 10:36 AM | APT41MalwareCTI |
โ๏ธ REcollapse - Fuzzing the web for mysterious bugs | | Nov 25, 2022 9:13 PM | User InputFuzzing |
๐ด๏ธ CVE-2022-33942 _ Bypassing Intel DCMโs Auth by Spoofing Kerberos and LDAP | | Nov 24, 2022 6:28 PM | IntelKerberosLDAP |
๐ผ๏ธ PNG Steganography Hides Backdoor | | Nov 24, 2022 5:51 PM | SteganographyDropboxC&C |
๐ค Userspace exploitation under Android | | Nov 23, 2022 9:14 PM | JNIAndroid |
๐ก NETGEAR R7800 AFPD PreAuth | | Nov 23, 2022 9:03 PM | Netgear R7800Heap Overflow |
๐งโ๐ CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You | | Nov 23, 2022 8:05 PM | TailscaleRCE |
๐ฃ The State of Exploit Development | | Nov 23, 2022 7:42 PM | ExploitDevelopment |
๐ Chrome Browser Exploitation | | Nov 23, 2022 3:00 PM | V8Chrome |
๐ก๏ธ kmem_guard_t in iOS 16 / macOS 13 | | Nov 21, 2022 10:38 PM | xnuMacOSiOS |
๐ฉ Remote Command Execution in a Bank Server | | Nov 21, 2022 10:21 PM | RCERemote Banking |
๐ฅ CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln | | Nov 19, 2022 5:52 PM | F5 Big-IPiControl |
๐ CVE-2022-20868/7 _ Ciscoย SMA JWT EoP & SQLi RCE | | Nov 19, 2022 5:18 PM | Cisco SMACVE-2022-20868/7 |
๐ง CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass | | Nov 19, 2022 9:10 AM | i.MXHardware |
๐ฑ Pixel 6 Bootloader Exploitation writeup | | Nov 19, 2022 7:50 AM | AndroidHardware |
๐๏ธ DeimosC2 C&C Framework brief-analysis | | Nov 18, 2022 8:56 PM | C2C&C |
๐ง CVE-2022-41082 _ RCE in Exchange PowerShell Backend | | Nov 17, 2022 3:04 PM | ExchangeCVE-2022-41082CVE-2022-41040 |
โผ๏ธ CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch | | Nov 17, 2022 2:05 PM | Neural EngineweightBufs |
๐๏ธ CVE-2022-36067 _ SandBreak vm2 Unauthโed RCE in Backstage | | Nov 16, 2022 3:13 PM | Backstagevm2 |
๐ฆ CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln | | Nov 16, 2022 2:29 PM | MacOS |
๐ Cloning Windows Binaries and Code Signing Implants | | Nov 16, 2022 11:55 AM | EvasionWindows |
๐ Practical fault attacks against SM4 | | Nov 15, 2022 4:24 PM | SM4HardwareGlitch |
โก CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1 | | Nov 15, 2022 2:35 PM | libxml2iOSMacOS |
๐ CVE-2022-35914 _ GLPI htmlawed | | Nov 14, 2022 5:29 PM | GLPICVE-2022-35914 |
๐ฆ Inside the V1 Raccoon Stealer | | Nov 14, 2022 5:06 PM | MalwareStealerRaccoon |
๐คฏ weightBufs ๐ฅ exploit โ๏ธ chain | | Nov 12, 2022 3:10 PM | iOSMacOSNeural Engine |
๐ On-Chain Insights From the FTX Implosion | | Nov 11, 2022 6:57 PM | CryptoFinance |
๐ธ๏ธ Hosting Malware on IPFS for fun & profit! | | Nov 11, 2022 6:44 PM | IPFSMalwareWeb3 |
โต Does OpenSea Shared Storefront have a backdoor? | | Nov 11, 2022 6:20 PM | NFTOpenSeaWeb3 |
๐ Web3 Decoder Burp Suite Extension | | Nov 11, 2022 6:08 PM | dAppWeb3 |
๐ง Using SystemFunction032 for shellcode decryption | | Nov 10, 2022 7:13 PM | WindowsShellcodeObf |
๐ Intel Boot Guard keys leak analysis | | Nov 10, 2022 6:24 PM | IntelLeakBios |
๐ Design and setup of C2 traffic redirectors | | Nov 9, 2022 7:35 PM | C2HTTP |
| | Nov 9, 2022 12:20 AM | AppSecEzine |
๐ Fodcha Is Coming Back, Raising A Wave of Ransom DDoS | | Nov 8, 2022 11:57 PM | DDoSBotNet |
๐ฉธ CVE-2022-26730 _ ColorSync | | Nov 7, 2022 5:47 PM | CVE-2022-26730MacOS |
๐ฉ๐ฟโ๐ป DevSecOps-Playbook: step-by-step implementation guide | | Nov 5, 2022 10:22 PM | DevSecOps |
๐ฅ Build a Self-Destructing USB Drive | | Nov 5, 2022 3:09 PM | HardwareTactical |
| | Nov 5, 2022 2:31 PM | CheckmkRCE |
๐ฌ Hardware Trojans Under a Microscope | | Nov 4, 2022 7:43 PM | RATHardware |
๐ฌ More Evil Markets to buy Initial Access | | Nov 4, 2022 7:31 PM | Dark MarketsInitial Access |
๐ CVE-2022-33679 _ One-Day Kerberos EoP | | Nov 3, 2022 1:35 PM | KerberosWindows |
๐ urlscan.io's SOAR spot: Chatty security tools leaking private data | | Nov 3, 2022 12:25 PM | Leakdorks |
๐ CVE-2022-3602 _ OpenSSL punycode vulnerability | | Nov 1, 2022 8:38 PM | CVE-2022-3602CVE-2022-3786OpenSSL |
๐ผ๏ธ CVE-2022-40146 _ Apache Batik SSRF and RCE | | Nov 1, 2022 10:50 AM | Apache BatikJava |
ใฝ๏ธ Exploited Windows โMark-of-the-Webโ Zero-Day | | Nov 1, 2022 10:26 AM | MoTWWindows |
๐ The Drone Cyberattack That Breached a Corporate Network | | Oct 31, 2022 7:22 PM | WiFiDrone |
๐ช Abusing tokens to compromise AD w/o touching lsass | | Oct 31, 2022 6:52 PM | Token TheftActive Directory |
๐ช Thatโs No Honey Badger. Itโs A Brute Ratel. A Look At BRC4. | | Oct 30, 2022 8:29 PM | C2BRC4 |
๐ LNK file-based Attacks Are on The Rise | | Oct 30, 2022 4:42 PM | LNKPhishingWindows |
๐ฐ CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue | | Oct 29, 2022 3:11 PM | CVE-2022-32250LINUXLPE |
โ From Shared Dash to Root Bash :: Pre-Authโed RCE in VMWare vROps | | Oct 29, 2022 2:46 PM | CVE-2022-31675CVE-2022-31674CVE-2022-31672 |
โป๏ธ Eat What You Kill :: Pre-Authโed RCE in VMWare NSX Manager | | Oct 29, 2022 1:48 PM | VMSA-2022-0027VMWareNSX |
๐ฅ CVE-2022-34918 _ A crack in the Linux firewall | | Oct 28, 2022 3:55 PM | CVE-2022-34918LINUX |
๐ฅ In the potato family, I want โem all | | Oct 28, 2022 3:25 PM | LPEWindows |
๐ฑ Android One-Click exploiting XSS on Samsung Galaxy Store | | Oct 28, 2022 12:56 PM | XSSAndroidSamsung |
๐ค CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri | | Oct 27, 2022 5:33 PM | iOSappleSiri |
๐ช CVE-2022-37981 _ The Logging Dead | | Oct 27, 2022 5:21 PM | CVE-2022-37981Windows |
๐ CVE-2022โ34718 _ Windows TCP/IP RCE PoC & Analysis | | Oct 26, 2022 7:35 PM | CVE-2022โ34718RCEWindows |
๐ฅท APT techniques: Access Token manipulation/theft | | Oct 26, 2022 7:18 PM | Win32APIToken Theft |
๐งต CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite | | Oct 25, 2022 3:28 PM | SQLiteCVE-2022-35737 |
๐ฏ CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE | | Oct 25, 2022 2:41 PM | VMWareCVE-2022-22954 |
๐ช SharePoint Post-Authentication Server-Side Request Forgery (SSRF) | | Oct 25, 2022 2:17 PM | SharePointSSRF |
๐ผ SS7 ัััะฐัะตะป, long life to SS7 | | Oct 24, 2022 5:17 PM | SS7GSMMobileะ ะพััะธั |
๐ฏโโ๏ธ Client Side De-Sync and Synch0le | | Oct 24, 2022 4:31 PM | client-side desyncSynch0le |
๐ด Black Basta and the Unnoticed Delivery | | Oct 24, 2022 4:02 PM | RansomwareBlack BastaCTI |
โธ๏ธ Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet | | Oct 23, 2022 10:39 AM | KubernetesK8SKubeStalk |
๐ฐ Authentication Bypass & File Upload & Arbitrary File Overwrite | | Oct 23, 2022 10:17 AM | JWTS3BugBounty |
๐๏ธ ะขะตะผะฝัะต ะ ัะฝะบะธ ะฒ ะขะตะปะตะณัะฐะผะผะต | | Oct 23, 2022 9:20 AM | TelegramDarkNetะ ะพััะธั |
โช Reverse Engineering the Apple MultiPeer Connectivity Framework | | Oct 22, 2022 8:17 PM | appleReversemcpeer |
๐ต๏ธ Steganography: Creating a digital microdot | | Oct 22, 2022 7:51 PM | SteganographyMicrodot |
| | Oct 22, 2022 6:50 PM | AppSecEzine |
๐ฐ๏ธ SpaceX Starlink User Terminal Modchip | | Oct 21, 2022 6:07 PM | StarlinkDefconModchip |
๐ CVE-2022-3236 _ Sophos Firewall Code Injection | | Oct 21, 2022 5:21 PM | SophosJSONCVE-2022-3236 |
๐ง BlueBleed - The Largest B2B Leak | | Oct 21, 2022 4:52 PM | BlueBleedAzureLeak |
๐ช Fantastic Rootkits: And Where to Find Them | | Oct 20, 2022 6:18 PM | SSDTRootKitWindows |
๐งถ Exploit Deserialization Vulnerabilities in PHP | | Oct 20, 2022 5:54 PM | DeserializationPHP Filter Chain |
๐ก Wireless PenTest Methodologies | | Oct 20, 2022 5:37 PM | WirelessProximityTactical |
๐ฟ CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection | | Oct 19, 2022 11:32 PM | CVE-2022โ22980VMWareSpring Data MongoDB |
๐ฃ๏ธ Discovering _ CVE-2022โ22980 real exploitable path | | Oct 19, 2022 11:20 PM | CVE-2022โ22980CodeQL |
๐ Memory corruption vulnerabilities in Edge | | Oct 19, 2022 10:40 PM | EdgexplorerVULN |
๐ฅ CVE-2022โ42889 _ Text4Shell Vuln Technical Analysis | | Oct 19, 2022 8:06 PM | CVE-2022โ42889Text4ShellApache Commons Text |
๐ฅ๏ธ CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc | | Oct 18, 2022 5:01 PM | CVE-2022-27502RealVNC |
๐ณ CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE | | Oct 18, 2022 4:10 PM | CVE-2022-39197Cobalt-Strike |
๐ช iOS Native Code Obfuscation and Syscall Hooking | | Oct 18, 2022 2:39 PM | iOSReverse |
๐ก๏ธ SingPass RASP Analysis | | Oct 18, 2022 11:49 AM | ReverseiOS |
| | Oct 17, 2022 6:41 PM | YubiKeyFIDO2 |
๐ธ Replicant: Fault Injection Attack on Trezor One | | Oct 17, 2022 4:51 PM | TrezorCryptoChipFail |
๐งจ CVE-2022-41852 _ RCE in JXPath Library | | Oct 16, 2022 8:09 PM | CVE-2022-41852JXPath |
๐ฆ CVE-2022-41352 _ Zimbra 0-day | | Oct 16, 2022 12:13 PM | ZimbraCVE-2022-41352 |
๐ฆ CVE-2022-37042 _ Zimbra Email Vulnerability | | Oct 16, 2022 12:05 PM | ZimbraCVE-2022-37042 |
๐งฑ CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass | | Oct 15, 2022 11:03 PM | CVE-2022-40684Fortinet |
โ๏ธ CVE-2022-37969 _ Windows CLFS Zero-Day | | Oct 15, 2022 4:55 PM | CVE-2022-37969Windows |
๐๏ธ Analysing LastPass Chrome Extension | | Oct 15, 2022 3:22 PM | LastPassChrome Remote Debugging |
โค๏ธโ๐ฅ Disposable Root Servers | | Oct 14, 2022 11:17 AM | SegfaultFree |
| | Oct 7, 2022 7:14 PM | SPKRWRITE |
๐ Attacking Titan M with Only One Byte | | Oct 6, 2022 10:29 PM | CVE-2022-20233Titan M |
๐ค Attacking Android kernel (ab)using Qualcomm TrustZone | | Oct 6, 2022 9:48 PM | TrustZoneCVE-2021-1961 |
๐ธ๏ธ Exploring the REF2731 Intrusion Set | | Oct 4, 2022 9:53 AM | MaldocParallaxNetwire |
๐ Bumblebee: increasing its capacity and evolving its TTPs | | Oct 3, 2022 6:58 PM | BumblebeeMalware |
๐ณ๏ธ CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion | | Oct 3, 2022 6:51 PM | ShadowPadCVE-2022-29464 |
๐ช Beginner's Guide to Sliver C2 | | Oct 1, 2022 5:52 PM | C2Sliver |
๐จ CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange | | Oct 1, 2022 12:10 PM | ExchangeCVE-2022-41040CVE-2022-41082 |
๐ช Bad VIB(E)s // Novel Malware in ESXi Hypervisors | | Sep 30, 2022 10:15 AM | MalwareVMWare |
๐ณ Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike | | Sep 28, 2022 5:24 PM | C2 |
๐ฌ Exploiting Flipper Zeroโs NFC file loader | | Sep 28, 2022 9:36 AM | Flipper-ZeroNFCBuffer Overflow |
๐ช A FormBook Matryoshka | | Sep 26, 2022 9:59 PM | MaldocWindows |
๐ชฃ CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution | | Sep 22, 2022 12:45 PM | CVE-2022-36804 |
๐ฆ The Crypto Revolution | | Jul 5, 2022 8:08 AM | CryptoGovernancebankless |
๐ฅท๐ฟ Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat | | Jun 30, 2022 10:28 PM | MalwareLINUX |
| | Jun 30, 2022 6:03 PM | ะ ะพััะธัReverse |
๐ป CVE-2022-30190 _ Overview of Bears Cyberespionage | | Jun 27, 2022 7:22 AM | APT28APT29CVE-2022-30190 |
๐ก Hacking Ham Radio for Texting | | Jun 26, 2022 10:06 PM | HamRadioSpectrum |
| | Jun 26, 2022 9:45 PM | MalwareSPKRWRITE |
๐ Tracking Joker with Medusa, static analysis (and patience) | | Jun 20, 2022 9:37 PM | AndroidMalwareJoker |
๐ชฒ CVE-2022-26809 _ Reaching Vulnerable Point | | Jun 19, 2022 10:46 PM | CVE-2022-26809Windows |
๐งฑ APT groups carried out highly targeted attack on Sophos | | Jun 19, 2022 10:37 PM | CVE-2022-1040GoMetGh0stCTI |
๐ค Stablecoins Are Products | | Jun 19, 2022 2:45 PM | CryptoStablecoins |
๐ Emulating Phineas Phisher Attacks in Modern EDR Environments | | Jun 16, 2022 6:33 PM | C2TTPDEFRA |
๐ป GhostTouch: Contactless attack with Electromagnetic Signals | | Jun 12, 2022 10:25 PM | TAOEMITTRY |
๐ How to Make $800m in Crypto, Soros Style - Breaking $UST | | Jun 11, 2022 10:12 PM | CryptoUST |
๐ง
KAX17 de-anonymization against Tor | | Jun 11, 2022 9:58 PM | TorDe-anonKAX17 |
๐ฆ Android/BianLian payload | | Jun 11, 2022 9:45 PM | AndroidMalware |
| | Jun 11, 2022 8:29 PM | CryptoBlockchainZK |
๐ Attacking ARM Pointer Authentication with
Speculative Execution | | Jun 11, 2022 5:52 PM | VULNM1TTRY |
| | Jun 11, 2022 7:45 AM | WindowsMalware |
๐ reNgine - More than just a recon! | | Jun 10, 2022 3:11 PM | ReconScanVATTRY |
| | Jun 9, 2022 7:19 PM | DropCatcher |
| | Jun 9, 2022 6:32 PM | SPKRWRITEะ ะพััะธั |
๐ Russiaโs certificate authority for sanctioned organizations | | Jun 9, 2022 4:59 PM | ะ ะพััะธั |
๐พ Self Hosted Roundup #7 | | Jun 9, 2022 4:53 PM | SelfHosted |
๐คฌ Automated Malware Analysis - Joe Sandbox | | Jun 9, 2022 4:24 PM | MalwareSandbox |
๐ The Surreal Case of aย C.I.A. Hackerโs Revenge | | Jun 8, 2022 6:50 PM | Enota |
๐ง Meet Logseq, 'stores data like a brain' | | Jun 8, 2022 6:48 PM | SubstaTTRYKNWLDG |
๐ธ๏ธ Francesca Bria on Decentralisation, Sovereignty, and Web3 | | Jun 8, 2022 6:39 PM | Web3Decentralisation |
๐ Xenomorph: Hatched Banking Trojan | | Jun 8, 2022 6:39 PM | Malware |
๐ช Guerre di Rete - Ucraina, cronache dai cyber fronti | | Jun 8, 2022 6:37 PM | GuerreDiRete |
๐งช CVE-2022-0847 _ The Dirty Pipe | | Jun 8, 2022 6:37 PM | CVE-2022-0847LINUXAndroidKERNEL |
๐ฃ Perchรฉ รจ il momento di fare (e informare) Guerre di Rete | | Jun 8, 2022 4:27 PM | GuerreDiRete |
๐ถ The state of music/Web3 tools for artists | | Jun 7, 2022 2:16 PM | Web3NFT |
๐ฑ NSO zero-click iMessage RCE exploit | | Jun 7, 2022 1:42 PM | VULNCVE-2021-30860 |
๐๏ธ Threat Thursday: BoratRAT | | Jun 7, 2022 1:27 PM | RATWindowsMalware |