Cryptographic signatures are super useful in Ethereum Solidity smart contracts for proving that a user approves an action. However, it'd be nice to do this for smart contracts but there is no key....
Outage occurs on same day as special election, but election offices remain open.
Authored by Anuradha and Preksha. Introduction: PikaBot is a malicious backdoor that has been active since early 2023. Its modular... The post Distinctive Campaign Evolution of Pikabot Malware...
Wiz practices what it preaches. Let’s look at how the security team at Wiz uses the power of the Wiz platform to monitor all its cloud-based infrastructure and services.
KubeCon Europe is the largest open source community conference in Europe with hundreds of talks, many of them about security. All the sessions are available online; in this blog, we’ll discuss our...
An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical...
Recently, there was a bypass in DOMPurify when it's used to sanitize XML documents. Since bugs come in pairs, the author looked and found two more variants of the bug in the codebase. For context,...
In April 2020, Microsoft acquired Affirmed Networks. Sometime prior to that, Storm-0558 likely gained access to a device used by one of the company’s engineers, and retained that access following...
April 1, 2024: According to detection statistics collected by the Dr.Web for Android anti-virus, February 2024 saw a significant increase in Android.HiddenAds trojan family activity; it was up...
April 1, 2024: An analysis of Dr.Web anti-virus detection statistics for February 2024 revealed a 1.26% increase in the total number of threats detected, compared to January. At the same time, the...
Key Takeaways: We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic,...
Detect and mitigate CVE-2024-3094, a critical supply chain compromise affecting the XZ Utils data compression library. Organizations should patch urgently.
The staking module is at the core of the Cosmos SDK ecosystem. If the security of this can be broken, then all is lost. The economic security of the Cosmos SDK relies on four related concepts:...
March 29, 2024: An analysis of Dr.Web anti-virus detection statistics for January 2024 revealed a 95.66% increase in the total number of threats detected, compared to December 2023. At the same...
March 29, 2024: According to detection statistics collected by the Dr.Web for Android anti-virus, in January 2024, users were most likely to encounter Android.HiddenAds trojan applications; these...
This is part 3 of a series about IBC (interblockchain communication) token rate limiting. They have a nice dashboard that shows all of the rate limits on Osmosis. In this article, they attempt to...
A backdoor has been identified in versions 5.6.0 and 5.6.1 of XZ Utils (assigned CVE-2024-3094), which under some conditions may allow SSH authentication bypass in specific versions of certain...
Wiz SPM for version control systems helps you find and fix risks in your GitHub instance.
While social engineering attacks such as phishing are a great way to gain a foothold in a target environment, direct attacks against externally exploitable services are continuing to make...
Authored by Joshua Kamp. Executive summary: The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely...
Introduction: Hi there! I’m one of the researchers at GreyNoise. While on the main blog I try to write formally, expect my blog posts in the Grimoire to be a little more off the cuff. Over the...
Today, Google released its report “We’re All in this Together: A Year in Review of Zero-Days Exploited In-the-Wild in 2023.”
In part one, the author used a prototype pollution vulnerability to compromise the Renderer process. In part two, they use another prototype pollution vulnerability from their privileged...
Browser exploitation is extremely complicated and difficult. Most of the bugs are memory corruption issues. Hence, there are multiple layers of exploitation required because of a large amount of...
Cronos is a Cosmos based chain that uses Ethermint as the smart contract runtime platform. They have the largest TVL within the Cosmos system. Reentrancy is a vulnerability class where a user can...
In the first of our four-part series, learn why practitioners prioritize human-to-human sharing and its benefits.
As the industrial landscape evolves, so do the threats that accompany it. While many industrial threats may be developing slowly from year to year, subtle changes are reaching a critical mass,...
Researchers observed that the Agenda Ransomware group, identified as Qilin or Water Galura, has been spreading through VMware vCenter and ESXi servers. The group has been actively evolving and...