Rosecurify

Seclog - #58

It is not enough to have a good mind; the main thing is to use it well. — René Descartes

📰 SecLinks

Owning a Bitcoin ATM - Security analysis of Bitcoin ATMs, discussing vulnerabilities and implications. Read More

Rook to XSS: How I hacked chess.com with a rookie exploit - A detailed case study of exploiting a cross-site scripting vulnerability on a popular website. Read More

Attack of the week: Airdrop tracing - Exploration of security flaws in airdrop technology and their potential impacts. Read More

Gambio 4.9.2.0 - Insecure Deserialization - Technical breakdown of a specific security vulnerability. Read More

Cloud Threat Landscape: A Cloud Threat Intelligence Database | Wiz - An overview of the current threats in cloud computing. Read More

Top 10 web hacking techniques of 2023 - PortSwigger - Review of the most influential web hacking methods of the past year. Read More

“MyFlaw” — Cross Platform 0-Day RCE Vulnerability Discovered in Opera’s Browser - Analysis of a critical vulnerability found in Opera's browser. Read More

Ivanti vulnerabilities - recap - Koen Van Impe - A recap of recent vulnerabilities discovered in Ivanti products. Read More

Yin Yang Metaphor of DNS Privacy - Discussion on the balance between DNS functionality and privacy. Read More

CVE-2023-5480: Chrome new XSS Vector - Slonser Notes - Examination of a new XSS vector found in Chrome. Read More

Bypassing browser tracking protection for CORS misconfiguration abuse - Insights into how CORS misconfigurations can be exploited. Read More

GitLab Critical Security Release: 16.8.1, 16.7.4, 16.6.6, 16.5.8 - Information on critical security updates for GitLab. Read More

🐦 SecTweet

Massimo on X - Tweet about a tool for replicating keys without the original. View Tweet

🎥 SecVideo

Securing CI/CD Runners Through eBPF Agent - A video discussing the security of CI/CD runners using eBPF Agent. Watch Here

💻 SecGit

kondukto-io/kntrl - An eBPF based CI/CD security tool. Explore on GitHub

horizon3ai/CVE-2024-0204 - Authentication Bypass in GoAnywhere MFT. Explore on GitHub

RedTeamPentesting/pretender - A tool for relaying attacks featuring multiple spoofing techniques. Explore on GitHub

kunai-project/kunai - A threat-hunting tool for Linux. Explore on GitHub

ACK-J/postMessage-tracker-firefox - A Firefox Extension for tracking postMessage usage. Explore on GitHub

nicocha30/ligolo-ng - An advanced tunneling/pivoting tool using a TUN interface. Explore on GitHub

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]

Subscribe to Seclog

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog:

← Back to Seclog