November 27, 2024
November 27, 2024
If you like bounties, I highly recommend this presentation from @tincho_508 on novel web cache deception techniques. It comes with @WebSecAcademy labs too!https://t.co/XdE0SN3Ccz
— James Kettle (@albinowax) November 26, 2024
Existential Panic
How is it almost December already!?
Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernelshttps://t.co/9vpKhYgHTL pic.twitter.com/qWhidEZNOk
— Linux Kernel Security (@linkersec) November 26, 2024
While investigating yet another BEC incident, I stumbled upon..
— Stephan Berger (@malmoeb) November 26, 2024
{
"Name": "UserAgent",
"Value": "axios/1.7.7"
}
🥳 This becomes a really good IOC. https://t.co/XJEQcY2a5J
Friendly Reminder: If you have admin privileges but lack the necessary file permissions, you can leverage the SeBackup/SeRestore privileges directly from cmd.exe! There’s no need to elevate to LocalSystem, duplicate TrustedInstaller, or use similar methods. Simply enable the… pic.twitter.com/Q1dj5esZsr
— Grzegorz Tworek (@0gtweet) November 25, 2024
Q: what happens when a threat actor's "novel" opsec strategy involves harassing researchers?
— Allison Nixon (@nixonnixoff) November 12, 2024
A: 275 Years https://t.co/VgJKGuY92f
Hacker in Snowflake Extortions May Be a U.S. Soldier – Krebs on Security
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues…
These numbers seem off.
.@SimoKohonen did the math. Here is a list of every vendor and every high-severity CVE from the past 5 years.
— vx-underground (@vxunderground) November 27, 2024
Qualcomm: 97,388
Cisco: 15,833
Microsoft: 11,375
Intel: 9,323
Juniper: 5,550
Dell: 5,041
Hp: 4,448
Netgear: 3,855
Apple: 3,544
Siemens: 3,281
Zoho Corp: 2,636
Lexmark:…
Inside the Russian cyberagency targeting the Westhttps://t.co/mnnvCxZTKt
— Dr. Dan Lomas (@Sandbagger_01) November 27, 2024