Port 22

~ 4 Mar 2021 ~

APT-Hunter Threat Hunting Tool via Windows Event Log

APT-Hunter Threat Hunting Tool via Windows Event Log

~ 3 Mar 2021 ~

Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory

~ 26 Jan 2021 ~

Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication

~ 21 Jan 2021 ~

Training Transformers for Cyber Security Tasks: A Case Study on Malicious URL Prediction

~ 20 Jan 2021 ~

Emulation of Kernel Mode Rootkits With Speakeasy

~ 1 Dec 2020 ~

Using Speakeasy Emulation Framework Programmatically to Unpack Malware

~ 11 Nov 2020 ~

Click Security because "click happens"

~ 31 Aug 2020 ~

Seny Kamara on "Crypto for the People"

~ 25 Aug 2020 ~

Our New Blog

~ 17 Aug 2020 ~

How Unsecure gRPC Implementations Can Compromise APIs, Applications

~ 13 Aug 2020 ~

XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

~ 12 Aug 2020 ~

August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild

~ 10 Aug 2020 ~

Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks

~ 6 Aug 2020 ~

Water Nue Phishing Campaign Targets C-Suites Office 365 Accounts

~ 28 Jul 2020 ~

Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902

~ 27 Jul 2020 ~

Ensiko: A Webshell With Ransomware Capabilities

~ 17 Jul 2020 ~

Updates on ThiefQuest, the Quickly-Evolving macOS Malware

~ 15 Jul 2020 ~

Patch Tuesday: Fixes for Wormable Windows DNS Server RCE, SharePoint Flaws

~ 8 Jul 2020 ~

New Fraud Ring "Bargain Bear" Brings Sophistication to Online Crime

New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

~ 18 Jun 2020 ~

Theft of CIA's "Vault Seven" Hacking Tools Due to Its Own Lousy Security

~ 17 Jun 2020 ~

Bank Card "Master Key" Stolen

~ 10 Jun 2020 ~

Solving a Mailing List "Gap Spam" Problem

~ 8 Jun 2020 ~

"Must Have" Free Resources for Open-Source Intelligence (OSINT)

"Must Have" Free Resources for Malware Analysis

~ 5 Jun 2020 ~

New Research: "Privacy Threats in Intimate Relationships"

~ 2 Jun 2020 ~

"Sign in with Apple" Vulnerability

~ 30 May 2020 ~

This $350 "Anti-5G" Device Is Apparently Just a USB Stick

~ 15 May 2020 ~

Friday Squid Blogging: Vegan "Squid" Made from Chickpeas

~ 20 Apr 2020 ~

How Can I Help My Users Spot Disinformation?

~ 8 Apr 2020 ~

Limited Shifts in the Cyber Threat Landscape Driven by COVID-19

~ 7 Apr 2020 ~

Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation

~ 27 Mar 2020 ~

Social Engineering Based on Stimulus Bill and COVID-19 Financial Compensation Schemes Expected to Grow in Coming Weeks

~ 12 Feb 2020 ~

"Distinguished Impersonator" Information Operation That Previously Impersonated U.S. Politicians and Journalists on Social Media Leverages Fabricated U.S. Liberal Personas to Promote Iranian Interests

~ 24 Jan 2020 ~

Nice Try: 501 (Ransomware) Not Implemented

~ 19 Dec 2019 ~

From dropbox(updater) to NT AUTHORITY\SYSTEM (another eop via hardlink)

~ 12 Dec 2019 ~

From iPhone to NT AUTHORITY\SYSTEM

~ 11 Dec 2019 ~

Toys R Us Is BackNow With More Surveillance\!

~ 25 Nov 2019 ~

FIDL: FLAREs IDA Decompiler Library

XOR "encryption" in Forticlient/FortiGate used for FortiGuard Web Filter cloud lookups, leak full HTTP URLs of web surfing activity

~ 20 Nov 2019 ~

The Likely Reason Disney\+ Accounts Are Getting 'Hacked'

~ 19 Nov 2019 ~

Bringing "new" life into some old hacks on the lock screen

~ 14 Nov 2019 ~

Attention is All They Need: Combatting Social Media Information Operations With Neural Language Models

~ 13 Nov 2019 ~

[Zine] Newbie learns to break a vendor's crypto: "The Tale of the Dubious Crypto"

~ 21 Oct 2019 ~

A thread about "NordVPN was compromised at some point."

~ 17 Oct 2019 ~

Definitive Dossier of Devilish Debug Details Part Deux: A Didactic Deep Dive into Data Driven Deductions

~ 7 Oct 2019 ~

The UK has left the Common Criteria security certification scheme (that it co-founded), noting it's "diminishing relevance"

~ 3 Oct 2019 ~

IDA, I Think Its Time You And I Had a Talk: Controlling IDA Pro With Voice Control Software

~ 26 Sep 2019 ~

On Chinese "Spy Trains"

~ 9 Sep 2019 ~

Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers

~ 7 Sep 2019 ~

Open Sourcing StringSifter

~ 27 Aug 2019 ~

How Do I Handle Security Alert Fatigue?

~ 23 Aug 2019 ~

License Plate "NULL"

~ 15 Aug 2019 ~

Sodinokibi ransomware searches for South Korean antivirus "Ahnlab" to inject its payload (because its autoup.exe is vulnerable). Also uses Windows' CompMgmtLauncher.exe's complete lack of checks to bypass UAC.

~ 13 Aug 2019 ~

Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities

Live stream flailing ( start at 1HR 37Min ) install the new high security OS called "Qubes" finding it horrible to install and even worse to use.

~ 12 Aug 2019 ~

Is My Development Environment at Risk?

~ 9 Aug 2019 ~

PINJECTRA: Known Windows 10 64-bit Process Injection Techniques + New One (dubbed "Stack Bomber") as a C++ Library

~ 8 Aug 2019 ~

Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction

Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

~ 6 Aug 2019 ~

Clamav: Denial of service through "better zip bomb"

~ 5 Aug 2019 ~

New AWS "vulnerable by design" CloudGoat scenario inspired by the Capital One breach

~ 4 Aug 2019 ~

"Three (And A Half) Vulns For The Price of One!" - XSS, SSRF, and XXE in a single input box

~ 3 Aug 2019 ~

My writeup for Fortune. This was my first "Insane" ranked box.

~ 29 Jul 2019 ~

How Can We Stop Ransomware From Spreading?

~ 26 Jul 2019 ~

Underscoring the "private" in private key: Recovering the private key for a valid certificate from the Amazon Music app

~ 24 Jul 2019 ~

VLC "security issue"

~ 9 Jul 2019 ~

CloudGoat, the "Vulnerable by Design" AWS Deployment Tool, Official Scenario Walkthrough: rce_web_app

"The Risks of an IT Versus OT Paradigm"

~ 26 Jun 2019 ~

Microsoft Adds 2FA-Protected "Personal Vault" Within OneDrive Cloud Storage

Microsoft Adds 2FA-Protected "Personal Vault" Within OneDrive Cloud Storage

~ 20 Jun 2019 ~

How Apple's "Find My" Feature Works

Free German lecture notes from a "Introduction to Web Security" lecture (around 100pages, is WIP)

~ 13 Jun 2019 ~

The Rise of "Purple Teaming"

~ 5 Jun 2019 ~

Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities

~ 30 May 2019 ~

Framing the Problem: Cyber Threats and Elections

~ 29 May 2019 ~

Is this plausible? "SIM Port Hack"

Learning to Rank Strings Output for Speedier Malware Analysis

~ 28 May 2019 ~

Network of Social Media Accounts Impersonates U.S. Political Candidates, Leverages U.S. and Israeli Media in Support of Iranian Interests

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

~ 23 May 2019 ~

Is there a technical term for these "light codes"? I looked around on Wikipedia and could find any mention, seems like an interesting stego technique

~ 22 May 2019 ~

My first professional article: "Static Code Analysis A Personal Research Story"

~ 21 May 2019 ~

The U.S. Navy "attacked" the U.S. Air Force with a "Splunk Tool"

~ 20 May 2019 ~

The Concept of "Return on Data"

~ 16 May 2019 ~

0day "In the Wild" Spreadsheet by Google Project Zero

~ 14 May 2019 ~

"Web scraping considered dangerous": Exploiting the telnet service in scrapy < 1.5.2

~ 6 May 2019 ~

"7 Tips For Planning ICS Plant Visits"

~ 3 May 2019 ~

Friday Squid Blogging: Squid Skin "Inspires" New Thermal Sheeting

~ 2 May 2019 ~

"ICS Defenders: Light up your green, blue or purple lightsabers"

"ICS Defenders - Light up your green, blue or purple lightsabers"

~ 1 May 2019 ~

Insane bad security for download server from O&O "ShutUp10" tool

~ 20 Apr 2019 ~

(Thai) In-depth Analysis of "SUDO_INJECT" Privilege Escalation Vulnerability

~ 17 Apr 2019 ~

A "Department of Cybersecurity"

~ 16 Apr 2019 ~

Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People's Republic

~ 15 Apr 2019 ~

FLASHMINGO: The FireEye Open Source Automatic Analysis Tool for Flash

~ 12 Apr 2019 ~

Encrypted Messaging Project "Matrix" Suffers Extensive Cyber Attack

~ 9 Apr 2019 ~

Churning Out Machine Learning Models: Handling Changes in Model Predictions

~ 7 Apr 2019 ~

My first POC: Gaining root access to a kubernetes node with a "bad" container. Comments welcome

~ 26 Mar 2019 ~

Researchers use fake "Breaking News" alerts to illustrate a stupid-easy web exploit