"The enemy does not check your risk register prior to attacking." - Sun Tzu, The Art of Cyber War

📚 SecMisc #

PoisonTap - Exploiting locked computers through USB peripherals, demonstrating techniques to bypass security measures on locked machines. Read More

Securing 4 C's of a Software Product - Comprehensive guide focusing on implementing AWS security measures across different product components. Read More

📰 SecLinks #

GitHub Enterprise SAML Bypass - Analysis of critical authentication bypass vulnerabilities affecting GitHub Enterprise Server. Read More

Sharing Secrets - Comprehensive guide exploring various methodologies and best practices for secure secret sharing in organizations. Read More

IBM Security Verify Access - Detailed analysis of 32 security vulnerabilities discovered in IBM's security platform. Read More

Fortune 500 Supply Chain - Investigation into hidden supply chain vulnerabilities affecting Fortune 500 companies. Read More

Ubuntu Privilege Escalation - Technical analysis of root privilege escalation techniques in Ubuntu 24.04. Read More

Application Security Assessment - Methodological approach to effectively evaluate application security posture. Read More

Citrix Remote Access - Research on critical vulnerabilities in Citrix Virtual Apps and Desktops. Read More

Arc Browser Security - Discovery of UXSS, local file read, and RCE vulnerabilities in Arc Browser. Read More

Firefox Animation Bug - Technical analysis of CVE-2024-9680 affecting Firefox's animation system. Read More

SoftBank Mesh Analysis - In-depth vulnerability research on SoftBank Mesh RP562B devices. Read More

CVE-2024-47575 - Detailed analysis and impact assessment of critical vulnerability. Read More

Incident Response Evolution - Case study on the development of incident response processes at Podia. Read More

VPN Trust Analysis - Critical examination of trust issues in modern VPN services. Read More

GuardDuty Bypass - Techniques for bypassing AWS GuardDuty pentest detection mechanisms. Read More

AI Red Team Services - Introduction to CrowdStrike's new AI security testing capabilities. Read More

AWS Ransomware - Comprehensive guide on effective AWS ransomware techniques and prevention. Read More

Technical Team Leadership - Insights into effectively leading technical security teams. Read More

JWT Attack Methods - Analysis of attack vectors using self-signed JWT claims. Read More

🐦 SecX #

Apple Security Feature - Discussion on newly implemented security features in Apple systems. Watch Here

Ethernet History - Historical perspective on the creation and implementation of Ethernet. Watch Here

Malware Museum - Announcement of the upcoming Museum of Malware Art in Helsinki. Watch Here

Password Comic - Historical Foxtrot comic highlighting password management challenges. Watch Here

Gnark Vulnerability - Technical thread on memory vulnerability discovery in Gnark. Watch Here

🎥 SecVideo #

BlueHat 2024 - Complete collection of presentations from BlueHat 2024 security conference. Watch Here

CURL Analysis - Deep dive into CURL HTTPS verbose output analysis. Watch Here

Cities Skylines Malware - Comprehensive reverse engineering analysis of Cities Skylines II malware. Watch Here

💻 SecGit #

CVE-2024-50340-eos-exploit - Exploit implementation for Symfony vulnerability. Explore on GitHub

C2TeamServer - Framework for Command and Control server implementation. Explore on GitHub

web-chains - Java payload generation and exploitation toolkit. Explore on GitHub

← Back to Seclog