The spirit, the will to win, and the will to excel, are the things that endure. These qualities are so much more important than the events that occur. — Vince Lombardi

📚 SecMisc

Not by AI - A resource for understanding the nuances and advances in artificial intelligence. Read More

📰 SecLinks

Relishing new Fickling features for securing ML systems - Trail of Bits Blog discusses the latest enhancements in Fickling for better security of ML systems. Read More

NIST 800-207A: Implementing Zero Trust Architecture - InfoQ presents a comprehensive guide on implementing Zero Trust Architecture as per NIST 800-207A. Read More

pgAdmin Path Traversal in Session Handling - Shielder reveals a critical path traversal vulnerability in pgAdmin. Read More

LLM Prompt Injection Worm - Schneier on Security examines the emergence of the LLM Prompt Injection Worm. Read More

Securing Cloudflare with Cloudflare: A Zero Trust Journey - Cloudflare's own journey implementing Zero Trust within its systems. Read More

Cloudflare Announces Firewall for AI - Introduction of a new Firewall specifically designed for AI by Cloudflare. Read More

Conditional Prompt Injection Attacks with Microsoft Copilot - Embrace The Red explores the vulnerabilities in Microsoft Copilot through conditional prompt injection attacks. Read More

Leaking NTLM Credentials Through Windows Themes - Akamai's research on how Windows themes can be exploited to leak NTLM credentials. Read More

Kaspersky Spam and Phishing Report for 2023 - An analysis of the spam and phishing trends in 2023 by Kaspersky. Read More

New Malicious PyPI Packages used by Lazarus - JPCERT/CC discusses Lazarus's use of malicious PyPI packages. Read More

Source Code Disclosure in ASP.NET apps - PT SWARM highlights the risks of source code disclosure in ASP.NET applications. Read More

Detecting Phishing Sites Using ChatGPT - A study on leveraging ChatGPT for identifying phishing websites. Read More

SolarWinds Security Event Manager AMF deserialization RCE - Analysis of a remote code execution vulnerability in SolarWinds Security Event Manager. Read More

🎥 SecVideo

I Made Malware In Under 20 Minutes - A YouTube tutorial demonstrating the creation of malware in a short span of time. Watch Here

💻 SecGit

Knox: Secret Management Service by Pinterest - Knox, developed by Pinterest, offers a secure way to manage secrets. Explore on GitHub

SploitScan: Cybersecurity Utility - SploitScan, a comprehensive tool for vulnerability assessment and PoC exploits. Explore on GitHub

AI-Exploits: Real World AI/ML Exploits Collection - A collection of real-world AI and ML exploits for responsibly disclosed vulnerabilities. Explore on GitHub

DOT: The Deepfake Offensive Toolkit - Sensity AI's toolkit for creating and understanding deepfakes. Explore on GitHub

GSocket: Firewall Bypass Tool - A tool designed to securely connect through firewalls. Explore on GitHub

OpenGFW: Open Source GFW Implementation - OpenGFW provides a flexible and easy-to-use implementation of the Great Firewall of China on Linux. Explore on GitHub

← Back to Seclog