GitHub Actions exploitation: repo jacking and environment manipulation
#synacktiv
via Synacktiv Blog (author: Hugo Vincent)
#synacktiv
via Synacktiv Blog (author: Hugo Vincent)
dirDevil: Hiding Code and Content Within Folder Structures
#trustedsec
<p>Welcome back to another round of "Hiding in Plain Sight," exploring weird places to stash data or payloads. In our last edition, we explored an easy method of encoding a payload into RGB values of a PNG file and hosting…</p>
via TrustedSec Blog (author: @ nyxgeek)
#trustedsec
<p>Welcome back to another round of "Hiding in Plain Sight," exploring weird places to stash data or payloads. In our last edition, we explored an easy method of encoding a payload into RGB values of a PNG file and hosting…</p>
via TrustedSec Blog (author: @ nyxgeek)
This Meeting Should Have Been an Email
#objectivesee
A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app. Let's analyze it comprehensively.
via Objective-See Blog
#objectivesee
A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app. Let's analyze it comprehensively.
via Objective-See Blog
Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks
#trustedsec
<p>This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary…</p>
via TrustedSec Blog (author: John Dwyer)
#trustedsec
<p>This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary…</p>
via TrustedSec Blog (author: John Dwyer)
Cobalt Strike 4.10: Through the BeaconGate
#cobaltstrike
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...]
via Cobalt Strike Blog (author: William Burgess)
#cobaltstrike
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...]
via Cobalt Strike Blog (author: William Burgess)
The Security Principle Every Attacker Needs to Follow
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
What is Your Compliance Kryptonite?
#trustedsec
Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked some of our InfoSec auditors to share their Kryptonite. Their…
via TrustedSec Blog (author: Steve Maxwell)
#trustedsec
Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked some of our InfoSec auditors to share their Kryptonite. Their…
via TrustedSec Blog (author: Steve Maxwell)
Advenutures in Shellcode Obfuscation! Part 5: Base64
#redsiege
by Mike Saunders, Principal Consultant This blog is the fifth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series here. […]
via RedSiege Blog (author: Red Siege)
#redsiege
by Mike Saunders, Principal Consultant This blog is the fifth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series here. […]
via RedSiege Blog (author: Red Siege)
Shellcode: Modular Exponentiation for Diffie-Hellman Key Exchange.
#odzhan
Table Of Contents Introduction Symmetric vs Asymmetric Encryption with RSA Digital Signatures with RSA History Diffie-Hellman Key Exchange Crypto API Binary Exponentiation Methods Arbitrary-precision Arithmetic Addition Subtraction Multiplication Division Exponentiation Modular Multiplicative Inverse Modular Addition Modular Multiplication Modular Exponentiation Counting …
via modexp Blog (author: odzhan)
#odzhan
Table Of Contents Introduction Symmetric vs Asymmetric Encryption with RSA Digital Signatures with RSA History Diffie-Hellman Key Exchange Crypto API Binary Exponentiation Methods Arbitrary-precision Arithmetic Addition Subtraction Multiplication Division Exponentiation Modular Multiplicative Inverse Modular Addition Modular Multiplication Modular Exponentiation Counting …
via modexp Blog (author: odzhan)
🔥1
The Security Principle Every Attacker Needs to Follow
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
Medium
The Security Principle Every Attacker Needs to Follow
Earlier this year, I was tasked with developing a follow-on course for our renowned Adversary Tactics: Red Team Operations course. The new…
Adventures in Shellcode Obfuscation! Part 6: Two Array Method
#redsiege
by Mike Saunders, Principal Security Consultant This blog is the sixth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]
via RedSiege Blog (author: Red Siege)
#redsiege
by Mike Saunders, Principal Security Consultant This blog is the sixth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]
via RedSiege Blog (author: Red Siege)
Injecting Java in-memory payloads for post-exploitation
#synacktiv
via Synacktiv Blog (author: Clement Amic)
#synacktiv
via Synacktiv Blog (author: Clement Amic)
Vulnerabilities in AI Agents
#nettitude
LLMs are becoming increasingly accessible to everyone. It is very easy to create your own LLM system, however like with any new technology, they are challenging to secure. Many AI systems are vulnerable to various attacks - the following are three examples of such attacks on LLM agents that we have identified recently. The examples [...]
via Nettitude Labs Blog (author: Jakub Partyka)
#nettitude
LLMs are becoming increasingly accessible to everyone. It is very easy to create your own LLM system, however like with any new technology, they are challenging to secure. Many AI systems are vulnerable to various attacks - the following are three examples of such attacks on LLM agents that we have identified recently. The examples [...]
via Nettitude Labs Blog (author: Jakub Partyka)
Lapse of Control: Applauding PCI SSC for FAQ 1572
#trustedsec
I want to applaud the PCI Security Standards Council (PCI SSC) for FAQ 1572 published in March of 2024 for simply and effectively answering a question asked by countless assessors for several years.The question is: Can…
via TrustedSec Blog (author: Steve Maxwell)
#trustedsec
I want to applaud the PCI Security Standards Council (PCI SSC) for FAQ 1572 published in March of 2024 for simply and effectively answering a question asked by countless assessors for several years.The question is: Can…
via TrustedSec Blog (author: Steve Maxwell)
Out of Chaos: Applying Structure to Web Application Penetration Testing
#redsiege
By Stuart Rorer, Security Consultant As a kid, I remember watching shopping contest shows where people, wildly, darted through a store trying to obtain specific objects, or gather as much […]
via RedSiege Blog (author: Red Siege)
#redsiege
By Stuart Rorer, Security Consultant As a kid, I remember watching shopping contest shows where people, wildly, darted through a store trying to obtain specific objects, or gather as much […]
via RedSiege Blog (author: Red Siege)