On 2023-10-10, a campaign was reported, involving an unknown actor, gaining initial access via Supply chain vector, while using Package typosquatting, Package Starjacking, with unknown impact.
From the first assembly lines to the robotics revolution, the manufacturing industry continually strives to find new ways to boost productivity while lowering costs. Today, major trends are...
tBTC is a bridge that brings BTC to the Ethereum network. This is done using the threshold protocol. Redemptions can be requested when going from BTC to tBTC on Ethereum. Then, a list of...
Microsoft Office allows users to put videos into Word from external locations, such as YouTube, via the Online Videos feature. When the video is embedded in the document, Office checks that the...
Entitlements are privilege capabilities on applications within macOS. These are stored as key-value pairs embedded within the code signature of the application. In macOS, apps will have a UI...
grsecurity has a Linux kernel with a bunch of extra security protections in it. In this post, they detail a protection they created that was inspired by a real bug they found within the Nitro...
Different blockchains have different settings and quirks that lead to various items. For instance, the average block time, timestamp and many others. This talk is inspired by this GitHub...
The author commonly browses through DeFiLlama looking for new things to audit. If it has a TVL of 5M and has a bug bounty program, they will take a quick look for some low-hanging fruit. The low...
The author of this post decided to look into DFX after only looking into smart contract security for a month. This is a decentralized exchange specifically for stablecoin swaps. Fee on Transfer...
Bug bounty sounds great! How do you pick a target? Since this is code you're going to be looking at for vulnerabilities and attempting to profit off of, you better make a good decision on this....
Stack smashing protection, also known as stack canaries, is a memory corruption protection put on the stack. This is done by putting a special variable on the stack called the canary, that is...
Aave is a very common loan protocol in the web3 space. This works by depositing your collateral to the system, which allows you to take out loans from any token in the ecosystem. A user can...
Uniswap X is a signature-based order book protocol. This allows for order fillers to perform arbitrary execution during the fulfillment, as long as the result of the execution is the order being...
Aave is a very common loan protocol in the web3 space. Liquidation is the process of getting back the tokens of a loan in exchange for a discounted rate on the user's collateral. For instance,...
Aave is a very common loan protocol in the web3 space. A flashloan is a loan that occurs within a single transaction. By doing this, a user can get access to a large amount of money without the...
Different types of bot actions with frontrunning/backrunning with various markets: Sandwiching: Increase the price of the asset, let the trade happen, then trade back to make a profit. Sniping:...
Terminals are the most common way for developers to interact with computers. The control codes for this are conveyed in-band to the users. Escape sequences like \x1b[32m are a good example of this....
URL parsing is super hard to do properly. There is a standard that has been updated and changed over the years. Additionally, if there is a difference in verification vs. use at any point, this...
This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q3 2023. It was last updated on November 8, 2023.
Active Directory Certificate Services (ADCS) is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing...
In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
Generative AI has the potential to revolutionize the way we live, work, bank, and invest. Its impact could be as significant as the advent of the internet or the mobile device. Indeed, 82% of...
On 2023-10-03, a campaign was reported, involving an unknown actor, gaining initial access via Web vulnerability, while using SQL injection, Use DNS for exfiltration, IMDS abuse, SQL commands,...
Detect and mitigate CVE-2023-42115, and 5 more vulnerabilities in Exim. Organizations using affected configurations should mitigate and patch the vulnerabilities urgently.
Cyber risk management company DarkBeam has leaked more than 3.8 billion records after it left an Elasticsearch server unprotected on the internet. The database contained information from older...
Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild.
An Introduction to Extended BPF and Its Transformative Impact.
An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical...
Last week Google’s Threat Analysis Group (TAG), in partnership with The Citizen Lab, discovered an in-the-wild 0-day exploit chain for iPhones. Developed by the commerci…
Hayden Covington // Phishing is an ever-present threat, but lately, user education and spam filters have helped mitigate some of that threat. But what happens when a phish makes it […] The post...