Tornado Cash is a smart contract cryptocurrency mixer. This allows users at one address to withdraw funds at another address without creating a traceable link between the two addresses. Seems...
The integration of Wiz’s CNAPP and Google Cloud helps both cloud defenders and builders improve security and innovate faster.
Cypher is a protocol for lending, borrowing and trading using margin. Margin is the process of betting on assets using value that you are borrowing from somebody else. There are two types of...
The Content Security Policy (CSP) is used to restrict what can be done on a web page. This is useful for defense-in-depth on issues, like XSS, as well as framing. The origin of resources and the...
Authored by Preksha Saxena. McAfee Labs observed a Remcos RAT campaign where malicious VBS files were delivered via phishing email.... The post Peeling Back the Layers of RemcosRat Malware appeared...
On 2023-08-29, a campaign was reported, involving Kinsing operator, gaining initial access via 1-day vulnerability, Software misconfig, while using Misconfigured PostgreSQL abuse, targeting...
On 2023-08-29, a campaign was reported, involving UNC4841, gaining initial access via 0-day vulnerability, targeting Barracuda ESG to achieve Data exfiltration.
On 2023-08-29, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Spearphishing, to achieve Supply chain attack.
JS8 is a protocol for communicating over vast differences using radio. It's a text-based protocol for chat. The protocol operates at 7MHz-14MHz, which is extremely low. At these frequencies,...
A security researcher discovered an exposed cloud database that contained sensitive log records with references to Fatal Model, an escort service in Brazil. Additionally, the database contained...
Authored by: Neil Tyagi. Scam artists know no bounds—and that also applies to stealing your cryptocurrency. Crypto scams are like... The post Crypto Scam: SpaceX Tokens for Sale appeared first on...
TL;DR This post is a summary of the contents of my talk in Defcon 31 AppSec Village last August 2023, and part of what I will explain in Canada at the SecTor conference on the 24th of October 2023...
This blog post is based on “GroundPeony: Crawling with Malice” that we presented at HITCON CMT 2023. We are grateful to HITCON for giving us the opportunity to present....
Ensure that your Docker and Kubernetes environments are secure and compliant with CIS benchmarks. Generate reports quickly and easily and remediate any issues with actionable insights.
Zunami is a yield aggregator protocol for stablecoin staking. They lost 2.1M dollars in two transactions. How did this happen? The function calcTokenPrice() is used to determine the price of the...
Chainlink provides off-chain data to smart contracts in order for users to query them. Integrating with Chainlink creates its own set of challenges. The oracles are updated periodically but must...
On 2023-08-17, a campaign was reported, involving Labrat operator, gaining initial access via 1-day vulnerability, while using Proxyjacking, Cloud compute cryptojacking, targeting GitLab to...
After tracking the cybercrime threat landscape on a day-to-day basis for over four years now, it’s not that often anymore that something surprises me. But the latest trend of a suspected...
Mocor OS is a proprietary OS from UNISOC. This OS is used by various phone vendors such as Nokia, TCL and others. During the initial boot up process, there is a user-lock password on the phone....
On the web, the go-to method for maintaining state in the stateless HTTP protocol is cookies. The .NET framework included a way of putting cookies into the URL for clients who couldn't support...
The original Xbox was pwned hard very soon after its release through various methods. One method that was thrown out early on was the idea of using JTAG. This was a gold mine if possible though;...
VPNs are used in order to prevent snooping or internet tracking. In this article, the authors go over widespread issues they found with VPN apps. When a user joins a network, the subnet is set....
On 2023-08-15, an incident was reported, involving an unknown actor, gaining initial access via 0-day vulnerability, while using SSM orchestration abuse, Cron persistence, IMDS abuse, targeting...
On 2023-08-15, an incident was reported, involving an unknown actor, gaining initial access via ,. The following tools were observed: linPEAS.
On 2023-08-15, a campaign was reported, involving 0ktapus, gaining initial access via Unknown, while using Azure Run Commands abuse, with unknown impact.
Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […] The post...
In this part we present information on the four types of implants and two tools used during the last (third) stage of the attacks discovered.
On 2023-08-10, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting SugarCRM. The following tools were observed: Pacu, ScoutSuite.
Researchers also disclosed a separate bug called "Inception" for newer AMD CPUs.
Wiz is the #1 cloud security company on the list and one of the biggest movers from last year, alongside OpenAI. What an honor!