17°C
ciel dégagé
Japanâs election last month and the rise of the countryâs newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics. In this model, technology is used to make democratic processes...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
So, I've been slow to get on the Claude Code/OpenCode/Codex/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (/security-review) some of my python scripts. He found more than I'd like to admit, so I checked in a bunch...
Dear blog readers, Continuing the "When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com - Part Three" blog post series in this post I'll continue analyzing the next malicious software...
Itâs an impressive feat, over a decade after the box was released: Since reset glitching wasnât possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pin(s) the hacker targeted the...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Dear blog readers,In this post I'll provide actionable intelligence based on the research and analysis which I posted in my previous "Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum - An Analysis" blog post and will provide...
Dear blog readers,In this post I'll provide actionable intelligence on all the BitCoin wallet addresses from the RAMP (Russian Anonymous Marketplace) forum members with the idea to assist the security community fellow researchers and U.S Law...
Dear blog readers,Continuing my previous post "Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum - An Analysis" I this post I'll provide actionable cyber threat actor attribution intelligence and personally identifiable...
Dear blog readers, Continuing the "When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com - Part Two" blog post series in this post I'll continue analyzing the next malicious software...
Conversor is a Linux box hosting a Flask web application that converts nmap XML output to HTML using XSLT. Iâll find the source code and exploit insecure use of os.path.join to write a Python reverse shell into a cron-executed scripts directory,...
The population needs better conservation. As usual, you can also use this squid post to talk about the security stories in the news that I havenât covered. Blog moderation policy.
404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. Itâs metadataâpayment information related to a particular accountâbut still important knowledge. This sort of thing...
Yesterday, I discovered a malicious Bash script that installs a GSocket backdoor on the victimâs computer. I donât know the source of the script not how it is delivered to the victim. GSocket[1] is a networking tool, but also a relay...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Introduction In this final chapter of our series on vulnerabilities in Intego's macOS products, we pick up where part 2 left off. We previously showed how a TOCTOU PID reuse Race Condition could be used to bypass XPC authentication checks in all...
Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around the world. The IoT is horribly insecure, but we already knew that.
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
This activity was found and reported by BACS student Adam Thorman as part of one of his assignments which I posted his final paper [1] last week. This activity appeared to only have occurred on the 19 Feb 2026 where at least 2 sensors detected on...
A very popular target of attackers scanning our honeypots is "phpmyadmin". phpMyAdmin is a script first released in the late 90s, before many security concepts had been discovered. It's rich history of vulnerabilities made it a favorite target....
Aucun article de sécurité disponible