The Windows Registry Adventure #3: Learning resources
Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry......
5.5CVSS
6.7AI Score
0.001EPSS
A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin |...
7.5AI Score
Security and Human Behavior (SHB) 2024
This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...
7.4AI Score
Retrieving Deleted Files on the Commodore C64 in 1987
When I was a sophomore in high school, from 1987 to 1988, my friend Paul and I had Commodore C64 computers. There was a new graphical user interface called GEOS that had transformed the way we interacted with our computers. We used the C64 to play games but also write papers for school. One day...
7.3AI Score
Privacy Implications of Tracking Wireless Access Points
Brian Krebs reports on research into geolocating routers: Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geolocate devices. Researchers from the University of...
6.9AI Score
Security Advisory 0097 PDF Date: May 24, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 24, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-52424 CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024 Description Arista Networks is providing this security update in...
6AI Score
EPSS
Why Your Wi-Fi Router Doubles as an Apple AirTag
Image: Shutterstock. Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly...
6.2AI Score
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases (DB) from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of...
8.2AI Score
Vulnerabilities that (mostly) aren’t: LUCKY13
TL;DR LUCKY13 is more an attack than a vulnerability LUCKY13 was patched over a decade ago … so it’s really unlikely that your server is vulnerable now It's an implementation issue Disabling CBC ciphers is still a good idea … but not because of susceptibility to LUCKY13 There is no material risk...
7.4AI Score
0.005EPSS
The Business of Cybersecurity Ownership
Who exactly owns cybersecurity in your organisation? Authored by Sean Vogelenzang Many would say the answer is obvious. It’s the chief information security officer (CISO) and his or her team, of course. However, it’s not that simple. Sure, the CISO and their team are responsible for setting the...
7AI Score
CodeQL zero to hero part 3: Security research with CodeQL
I've written a bit in the past about static analysis (CodeQL zero to hero part 1: Fundamentals of static analysis) and basics of writing CodeQL queries (CodeQL zero to hero part 2: Getting started with CodeQL). Today, I want to dig deeper about CodeQL and talk about variant analysis, writing a...
8.3AI Score
Taking Time to Understand NIS2 Reporting Requirements
The newest version of the European Union Network and Information Systems directive, or NIS2, came into force in January 2023. Member States have until October 2024 to transpose it into their national law. One of the most critical changes with NIS2 is the schedule for reporting a cybersecurity...
7AI Score
A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information. Mitigation Mitigation for this issue is either not available or...
6.7AI Score
EPSS
[x86: Native Branch History Injection] Notes Author| Note ---|--- sbeattie | in the short term, Ubuntu 6.6 based kernels (Ubuntu 23.10 LTS and Ubuntu 22.04 HWE kernels) have backported the first round of native_bhi mitigations, but are defaulting to spectre_bhi=auto. The kernel commandline...
7.8AI Score
EPSS
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report...
7.1AI Score
Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...
5.9CVSS
7.4AI Score
0.963EPSS
9.8CVSS
6.8AI Score
0.004EPSS
Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can't remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...
7.2AI Score
Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs
In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza. "Whereas people say they care...
7.2AI Score
Modern CPU architectures supporting speculative execution are vulnerable to a Speculative Race Condition (SRC) vulnerability, akin to Spectre V1. The vulnerability arises from race conditions that allow an unauthenticated attacker to exploit speculative executable code paths, potentially...
7.1AI Score
0.0004EPSS
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the....
6.4AI Score
0.0004EPSS
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the....
7.5AI Score
0.0004EPSS
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the....
6AI Score
0.0004EPSS
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the....
6.5AI Score
0.0004EPSS
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the....
5.5CVSS
6AI Score
0.0004EPSS
Breaking it Down: A Data-Centric Security Perspective on NIST Cybersecurity Framework 2.0
On February 26, 2024, NIST released version 2.0 of the Cybersecurity Framework. This blog reviews the fundamental changes introduced in CSF 2.0 and data-centric security considerations that should be made when aligning with the new framework. As cybercriminals become more sophisticated,...
7.2AI Score
Bootiful Spring Boot in 2024 (part 1)
NB: the code is here on my Github account: github.com/joshlong/bootiful-spring-boot-2024-blog. Hi, Spring fans! I'm Josh Long, and I work on the Spring team. I'm excited to be keynoting and giving a talk at Microsoft's JDConf this year. I'm a Kotlin GDE and a Java Champion, and I'm of the opinion.....
6.9AI Score
#StopRansomware: Phobos Ransomware
Actions to take today to mitigate Phobos ransomware activity: Secure RDP ports to prevent threat actors from abusing and leveraging RDP tools. Prioritize remediating known exploited vulnerabilities. Implement EDR solutions to disrupt threat actor memory allocation...
7.2AI Score
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI,...
7AI Score
The Psychology of Phishing: Unraveling the Success Behind Phishing Attacks and Effective Countermeasures By Tomer Shloman · February 1, 2024 Phishing is one of the most sneaky and widespread attacks in the constantly changing world of cybersecurity threats. This form of cyber attack, deceiving...
7.1AI Score
Chatbots and Human Conversation
For most of history, communicating with a computer has not been like communicating with a person. In their earliest years, computers required carefully constructed instructions, delivered through punch cards; then came a command-line interface, followed by menus and options and text boxes. If you.....
6.9AI Score
China-backed Hackers Hijack Software Updates to Implant "NSPX30" Spyware
A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat...
7.5CVSS
5.9AI Score
0.976EPSS
Canadian Man Stuck in Triangle of E-Commerce Fraud
A Canadian man who says he's been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve "triangulation fraud," which occurs when a consumer purchases something online -- from a seller on Amazon or eBay, for example -- but the seller.....
6.8AI Score
Are You Ready for PCI DSS 4.0?
The Payment Card Industry Data Security Standard (PCI DSS) is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. .....
6.8AI Score
Here’s Some Bitcoin: Oh, and You’ve Been Served!
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized the use of information included in a bitcoin transaction -- such as a...
6.8AI Score
BlueHat India Call for Papers is Now Open!
You asked for it and it’s finally here! The inaugural BlueHat India conference will be held May 16-17th, 2024, in Hyderabad, India! This intimate conference will bring together a unique blend of security researchers and responders, who come together as peers to exchange ideas, experiences, and...
7.3AI Score
Artificial intelligence is poised to upend much of society, removing human limitations inherent in many systems. One such limitation is information and logistical bottlenecks in decision-making. Traditionally, people have been forced to reduce complex choices to a small handful of options that...
7AI Score
Welcome to another installment of This Week in Spring! It's December 26th, 2023, and we're staring down the new year! And you know what that means, right? It's time for our annual roundup, looking at all the latest and greatest in the wild and wonderful world of Springdom. This is This Year in...
7.1AI Score
Story of the year: the impact of AI on cybersecurity
In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...
7.7AI Score
Meta’s Purple Llama wants to test safety risks in AI models
Meta has announced Purple Llama, a project that aims to "bring together tools and evaluations to help the community build responsibly with open generative AI models." Generative Artificial Intelligence (AI) models have been around for years and their main function, compared to older AI models is...
7.8AI Score
2024 Predictions for Cybersecurity: The Rise of AI Brings New Challenges
The emergence of generative AI has put new resources in the hands of both attackers and defenders, and in 2024, Imperva believes the technology will have an even greater impact. Understanding how attackers are leveraging the technology will be critical for organizations seeking to keep...
7.2AI Score
Aladdin is a payload generation technique based on the work of James Forshaw (@tiraniddo) that allows the deseriallization of a .NET payload and execution in memory. The original vector was documented on https://www.tiraniddo.dev/2017/07/dg-on-windows-10-s-executing-arbitrary.html. By spawning the....
7.5AI Score
Unveiling the Deceptive Dance: Phobos Ransomware Masquerading As VX-Underground
During a recent hunt, Qualys Threat Research has come across a ransomware family known as Phobos, impersonating VX-Underground. Phobos ransomware has been knocking on our door since early 2019 and is often seen being distributed via stolen Remote Desktop Protocol (RDP) connections. Strongly...
7.7AI Score
Alleged Extortioner of Psychotherapy Patients Faces Trial
Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out how they...
7.4AI Score
Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season
As the holiday season approaches, a palpable sense of joy and anticipation fills the air. Twinkling lights adorn homes, the aroma of freshly baked cookies wafts through the kitchen, and the sound of laughter and carolers' melodies resonate on frosty evenings. It's a time when families come...
7.6AI Score
Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy
ChatGPT and similar Large language models (LLMs) can be used to write texts about any given subject, at any desired length at a speed unmatched by humans. So it's not a surprise that students have been using them to "help" write assignments, much to the dismay of teachers who prefer to receive...
7.3AI Score
This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline....
7AI Score
Testing with OpenAPI Specifications
The 2023 SANS Survey on API Security (Jun-2023) found that less than 50 percent of respondents have API security testing tools in place. Even fewer (29 percent) have API discovery tools. Wallarm delivers both these capabilities via our single, integrated App and API Security platform. Wallarm has.....
7.5AI Score
Trellix 2024 Threat Predictions
Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly...
7AI Score
Trellix 2024 Threat Predictions
Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly...
6.9AI Score