coldshell
@coldshell
Malware Hunter, Reverser and Club Mate addict
Success! Synacktiv was able to execute a heap-based buffer overflow in the kernel triggered via WiFi and leading to RCE against the Wyze Cam v3. They earn $15,000 and 3 Master of Pwn points. #Pwn2Own
Our team published a post about the #3cx supply chain attack. We describe the Windows & the MacOS backdoors. The timeline: the GitHub repo on December 7 & the infrastructure in November... A few months later a malicious update was sent to the customers: volexity.com/blog/2023/03/3…
Watch out! CVE-2023-22809 on Sudo was patched today to prevent a privilege escalation on sudoedit. Read the security advisory by @aevy__ and @v1csec: synacktiv.com/sites/default/…
Let the bees out! Escaping from the bhyve hypervisor by @abu_y0ussef 🐝 synacktiv.com/publications/e…
I published a new article about an ESXi encryptor we found during a case. Let me know if you found a similar sample and are willing to share! #dfir #Ransomware
During an incident response, our CSIRT discovered an ESXi ransomware called PrideLocker, based on Babuk ESX encryptor whose source code leaked in 2021, with new additions and obfuscation. Our latest blog post provides an in-depth analysis of PrideLocker. synacktiv.com/publications/p…
If you see two guys wearing Synacktiv t-shirts with big antennas, you should turn around with your @Tesla! 0-click RCE demonstration on a real vehicle, with CAN messages sent to switch on headlights, wipers and trunk 😎 #Pwn2Own
🔊 For #BlackAlps day 2, @_p0ly_ tells us about his journey into pwning the Sonos One Speaker!
#BlackAlps is starting! @netsecurity1, @cleptho and @abu_y0ussef are on stage to present their work on the Canon printer pwning during last year's #Pwn2Own.
Hey :) New blog post detailing Raccoon V1 management infrastructure (victim storage location, Telegram update server, etc), MaaS infrastructure location + link to CC2BTC marketplace. Once again, feedback warmly-welcomed 😄
BLOG POST: In this blog post we examine the upstream management infrastructure of Raccoon V1, including insight into the operators' wider business model - with connections to the #CC2BTC marketplace identified. #RaccoonStealer team-cymru.com/post/inside-th…
team-cymru.com
Exploring the V1 Raccoon Stealer: Team Cymru's Insight
Stay ahead of the latest cybersecurity threats with Team Cymru's expert analysis. Dive deep into the V1 Raccoon Stealer's den and learn how it operates and the possible connections to Kharkiv and the...
Remote Admin tools are being more and more abused by threat actors. In our latest blogpost, @ektoplasma_ wondered what traces could be leveraged during investigations regarding some usual suspects: TeamViewer, AnyDesk, Atera, and SplashTop. synacktiv.com/publications/l…
Yes - New work released o/ <3
1st paper from my friend and @mandiant colleague @fumik0_ ! 🥰 From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind. 👇 mandiant.com/resources/blog… #malware
Ever wanted to exploit a PHP file inclusion without having a file upload? Follow @_remsio_'s journey to discover PHP filter chains, ensuring they work properly, and transforming them into a tool. You can now convert almost any file inclusion to RCE! synacktiv.com/publications/p…
New blog post about a UEFI firmware bootkit! securelist.com/cosmicstrand-u… Research was led by our dearly missed @_marklech_
Our paper on Earth Berberoka is finally out! It contains analysis of multiple Windows, Linux and Mac malware families (PuppetLoader, oRAT, PlugX, gh0st, Xnote, Hellobot, Pupy, Reptile...), 3 different infection vectors, links to multiple known #APT groups documents.trendmicro.com/assets/white_p…
Our ninjas are ready for their talk about hacking the Canon printer at @Cansecwest. 😄
Amazing demonstration by @_p0ly_ and @vdehors! 0-click RCE on the @Tesla infotainment in less than a minute!
Success! To kick things off for #Pwn2Own 2022 Day 2 in style, David BERARD and Vincent DEHORS from @Synacktiv demonstrated code execution on the @Tesla infotainment system resulting in an arbitrary file write and a switch unlock. #P2O15
Tomorrow during #CanSecWest, our ninjas @abu_y0ussef, @netsecurity1 and @cleptho will tell you how they compromised the Canon printer during the previous #Pwn2Own! cansecwest2022.sched.com/event/ztKJ/the…
Mehdi currently heading to the famous cybersecurity conference CanWildWest 🫣
The slides of our Botconf talk are now online. They contain infection vectors, a focus on a complex malware family sharing a flawed RC4 implementation with TigerPlug malware, victimology and attribution hints. Let me know if you track this #APT group botconf.eu/wp-content/upl…
A few minutes ago at BotConf, I shared a script to import and export Twitter blocklists. I use it to block advertisers on the platform! Find my code and current list here: github.com/JusticeRage/tw…