196 matches found
The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare
In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale...
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and...
CVE-2024-38202
CVE-2024-38202 describes an elevation of privilege in Windows Update that could allow a user with basic privileges to reintroduce mitigated vulnerabilities or bypass some VBS protections. The vulnerability requires an attacker to coax an Administrator or delegated user into performing a system re...
Windows Update Stack Elevation of Privilege Vulnerability
Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an...
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Summary: As of July 10, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this...
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases (DB) from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of optimizati...
Wallarm’s Open Source API Firewall debuts at Blackhat Asia 2024 – Introduces Key New Features & Functionalities
Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native...
Reflecting on supply chain attacks halfway through 2023
Welcome to this week's edition of the Threat Source newsletter. Between the Talos Takes episode last week and helping my colleague Hazel with the Half-Year in Review, I realized how much I had already forgotten about 2023 already. It's been a whirlwind, personally and professionally, and I think it...
Previewing Talos at BlackHat 2023
Welcome to this week's edition of the Threat Source newsletter. The time has come once again for all of us (well, not me specifically, but lots of other Talos people) to descend on Las Vegas for Hacker Summer Camp. Cisco Talos will be well-represented at BlackHat and DEF CON over the course of the ne...
KRBUACBypass - UAC Bypass By Abusing Kerberos Tickets
This POC is inspired by James Forshaw (@tiraniddo) shared at BlackHat USA 2022 titled “Taking Kerberos To The Next Level” topic, he shared a Demo of abusing Kerberos tickets to achieve UAC bypass. By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can...
Wordfence Launches Free Vulnerability Database For Commercial Use – And Launches Security Portal
Today we are incredibly excited to announce that Wordfence is launching an entirely free vulnerability database API and web interface, available for commercial use by hosting companies, security organizations, threat analysts, security researchers, and the WordPress user community. This is part o...
ReconPal - Leveraging NLP For Infosec
Recon is one of the most important phases that seem easy but takes a lot of effort and skill to do right. One needs to know about the right tools, correct queries/syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon...
Threat Source newsletter (Aug. 4, 2022) — BlackHat 2022 preview
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. After what seems like forever and honestly has been a really long time, we’re heading back to BlackHat in-person this year. We’re excited to see a lot of old friends again to commiserate, hang out, trade stories and...
0xCC'd
We spend a lot of time preparing for Blackhat, and as part of putting together content for the show, one of our best, Lurene Grenier, submitted an unexpected piece of content: a poem. Now this poem isn't our regular security research or a shiny piece of corporate correspondence which we would nev...
vAPI - Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements PHP MySQL PostMan MITM Proxy Installation Docker docker-compose up -d Installation Manual Copying the Code cd git clone...
How we broke the cloud with two lines of code: the full story of ChaosDB
A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services...
Porn Problem: Adult Ads Persist on US Gov’t, Military Sites
U.S. military and government website subdomains have a sticky problem: They’re “quite vulnerable” to blackhat SEO tactics that result in persistent redirects to spammy Viagra ads and porn videos. An example is one that showed up on a dot.mil subdomain on the Minnesota National Guard site you can...
Threat Source newsletter (Aug. 5, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We hope everyone is enjoying BlackHat and/or DEFCON this week, regardless of if you're attending virtually or in person. In case you missed any of our talks from BlackHat, you can check them out here, along... This is only the...
HTTP/2 Request Smuggling
HTTP Request Smuggling (also known as an HTTP Desync Attack) has experienced a resurgence in security research recently, thanks in large part to the outstanding work by security researcher James Kettle. His 2019 Blackhat presentation on HTTP Desync attacks exposed vulnerabilities with different...
Pstf2 - Passive Security Tools Fingerprinting Framework
Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 (pronounced pstf-square) is an implementation of an HTTP server capable of passive browser fingerprinting - and it might just be the thing you are looking for. When attackers try to deliver a...