9 matches found
ClawHub Security Signals: When VirusTotal, Static Analysis, and SkillSpector Disagree
Agent skills extend AI agents with reusable instructions, tools, scripts, references, and workflows, establishing a security boundary distinct from both model safety and traditional package-malware detection. ClawHub Security Signals is a sanitized dataset of 67,453 latest public OpenClaw skill...
Unlocking the Power of AI in Cybersecurity: Key Takeaways from Our Latest Webinar
Today's SOC teams have to face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important elements in addressing these issues more productively and letting team...
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Microsoft has revamped its Windows Insider Preview bug bounty program with higher rewards and an improved portal for bounty hunters to report flaws, in an effort to help sniff out more vulnerabilities on its platform. The Microsoft Windows Insider Preview bounty program is part of the Microsoft...
Triaging a DLL planting vulnerability
DLL planting aka binary planting/hijacking/preloading resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues. It is well known that when an application loads ...
Triaging a DLL planting vulnerability
DLL planting aka binary planting/hijacking/preloading resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues. It is well known that when an application loads ...
Evolving Analytics for Execution Trace Data
Five years ago, Mandiant released a proof of concept tool named ShimCacheParser, along with a blog post titled “Leveraging the Application Compatibility Cache in Forensic Investigations”. Since then, ShimCache metadata has become increasingly popular as a source of forensic evidence, both for...
LocalTapiola: Creating arbitrary cookies values /cs/CookieServer (www.lahitapiola.fi)
Issue The reporter was able to inject http-headers to set custom cookies in the response. The cookie scope was .lahitapiola.fi. /cs/CookieServer.The report contained a thorough PoC and appropriate screenshots which assisted the triaging process. Fix The issue was investigated and found to be vali...
Triaging the exploitability of IE/EDGE crashes
Introduction Both Internet Explorer IE and Edge have seen significant changes in order to help protect customers from security threats. This work has featured a number of mitigations that together have not only rendered classes of vulnerabilities not-exploitable, but also dramatically raised the...
A Token’s Tale
Posted by James Forshaw currently impersonating NT AUTHORITY\SYSTEM. Much as I enjoy the process of vulnerability research sometimes there’s a significant disparity between the difficulty of finding a vulnerability and exploiting it. The Project Zero blog contains numerous examples of complex...