Since V8 had heap sandbox, Chrome renderer RCE usually means chaining 2 bugs
Today we bring the Spear of Longinus
1 bug, 100% success, no heap spray, found in 40+ major versions, arbitrary renderer read/write + V8 sandbox escape
Our CVE-2026-6307 writeup https://t.co/zPnCJ4y0R3
Dear Network,
I'm hiring a Cloud Security Researcher that wants to work at the forefront of investigating new cloud intrusions. You will bring a solid understanding of IAM. Using this knowledge you will dig through cloud activity logs (AWS CloudTrail, Azure Activity Logs) to find
Just in time for Christmas: a repository for decrypting many encrypted D-Link firmware images. Also integrated into Binwalk for auto-magic decryption & extraction.
https://t.co/4GcTrXoFhp
Linux kernel instrumentation from Qemu and gdb:
A technique to analyze binaries or kernel modules that may try to monitor themselves.
In this blog post Professor @Mad5quirrel explains the trick
https://t.co/nrPUk11lNR
Latest additions to JA4+ include TCP fingerprinting! Technical write up: https://t.co/lFNjGVMC5W
If you see an Epson Printer logging into your Okta server, you're about to have a bad day.
JA4T/S available now in Arkime, Wireshark, JA4TScan tool is coming next week as a zmap module. Blog post after that.
PoC to take over Android using another Android by exploiting critical Bluetooth vulnerability to install #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866)
It still affects Android 10 and below
https://t.co/4pRreGazUM
#NetHunter
New @elastic blog post "Discovering anomalous patterns based on parent-child process relationships" covers a lot of material from my ProblemChild @CamlisOrg talk.
https://t.co/BGJPwWTGow
Nice. About the current #Citrix unauth #RCE: it is a simple stack overflow, the affected binary was compiled without PIE, has executable stack, and also there are no stack canaries (on some versions). Back (at least) 10+ yrs in time. :)
Interesting what's in @pvmagazine.
https://t.co/6YBGcQIjaY
The Bundestag administration wanted to prevent the petition. Thank you, @AkkuDoktor, for not accepting that.
It seems democracy was supposed to be suppressed there.
Sign it. Now more than ever
https://t.co/GAQiIxfECj
🚨 The 2023 Global Threat Report is now live.
Discover the latest activities of the world’s most dangerous adversaries and CrowdStrike’s recommendations for protecting your business against modern attacks.
Access the report: https://t.co/Wa7tkn56NZ
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats. https://t.co/BNM5QENJaR
CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access. https://t.co/eP0eDW9DnF
U.S. Department of Health and Human Services (HHS) has issued a warning about ongoing #ransomware attacks targeting #healthcare entities in the country.
Read: https://t.co/b2YNl07oK7
#infosec #malware
Take a deep dive into wmiexec usage seen from multiple incident response investigations and learn more about the indicators that can help defenders detect wmiexec. ⬇️ https://t.co/Gk3Edohgxf
Explore the 4 "capture the flag" challenges in our Targeted Intrusion track of the Adversary Quest 2022: FrontDoor, Backup, Lights Out, Eyes Open. https://t.co/st1yghSoDU
Explore the four "capture the flag" challenges in our Hacktivism track of the Adversary Quest 2022: display0, Spellcheck, Password, tokens. https://t.co/1RZ3HTa9cA