HN SecurityHello Rustaceans! Our technical director @raptor is back at it.
In this second installment of our #Rust series, “An offensive Rust encore”, he will guide you in bringing your skills to the next level by using a new PoC #RedTeaming tool as an excuse:
@asicc
- 3 Followers
- 57 Following
- 81 Posts
BleepingComputerChinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems.
/r/netsecThe Ultimate Handheld Hacking Device - My Experience with NetHunter https://andy.codes/blog/security_articles/2024-11-27-the-ultimate-handheld-hacking-device.html
2024-11-27 - The Ultimate Handheld Hacking Device - My Experience with NetHunter - Andy Codes
This page is a collection of topics I've studied and practiced during my transition from software engineering to offensive security, including my notes from a variety of certifications (such as OSCP, OSWA, and OSWP).
Mandiant has identified a novel method to bypass contemporary browser isolation technology and achieve command-and-control C2 operations.
From XSS Vulnerability to Full Admin Access https://haymiz.dev/security/2024/11/25/stored-xss-takeover/
hack_luDon't forget, all the videos from hack.lu 2024 will be available on https://administraitor.video/edition/Hack.lu/2024 after each talk, provided the speaker has agreed to publish it.
Lukasz OlejnikCyber-enabled information operation by allegedly Iranian actors has some success - Trump campaign data emerged in public via an independent journalist outlet. They apparently ask it to be attributed to them, not Iran's cyber operators. https://www.reuters.com/world/us/accused-iranian-hackers-successfully-peddle-stolen-trump-emails-2024-10-25/
U.S. Intelligence agencies say that Russian actors manufactured and amplified a video that falsely depicted an individual ripping up ballots in Pennsylvania. It's debunked by election officials, too. https://www.cisa.gov/news-events/news/joint-odni-fbi-and-cisa-statement-0
U.S. Intelligence agencies say that Russian actors manufactured and amplified a video that falsely depicted an individual ripping up ballots in Pennsylvania. It's debunked by election officials, too. https://www.cisa.gov/news-events/news/joint-odni-fbi-and-cisa-statement-0
Give Me the Green Light Part 1: Hacking Traffic Control Systems https://www.redthreatsec.com/blog/greenlightspart1
Lennart PoetteringThere's a feature added to Linux 6.9 that I think people should become more aware of: there's finally an identifier for processes that doesn't wrap around as easily as UNIX pid_t PIDs do: the pidfd file descriptors have been moved onto their own proper file system (pidfs), which enabled at the same time unique inode numbers for them.
pancake 
"Byepervisor: How we broke the PS5 Hypervisor" https://github.com/PS5Dev/Byepervisor/blob/main/Byepervisor_%20Breaking%20PS5%20Hypervisor%20Security.pdf #ps5 #security
