Talkback
AI Powered Infosec Resource Aggregator to Boost Productivity.
Developed by elttam
Researchers discovered a major incident involving the takeover of an abandoned WHOIS server domain, leading to unintended consequences and potentially compromising the security and integrity of Internet communications.
Jason An extended the Pwndbg plugin for GDB by integrating it with Binary Ninja to enhance debugging capabilities, including dumping Go structures and improving the debugging experience for Go binaries.
Veeam Backup & Replication has a history of vulnerabilities, including the latest unauthenticated RCE (CVE-2024-40711) affecting version 12.1.2.172 and below, with a complex exploitation process and patching procedure.
The blog post explores domain escalation techniques in BloodHound related to Active Directory Certificate Services (ADCS) and discusses how implicit certificate mapping can be abused for authentication.
The Detection Engineering Behavior Maturity Model (DEBMM) guides security teams in enhancing threat detection capabilities through structured improvements in processes and behaviors across five maturity tiers, emphasizing continuous improvement, flexibility, and the development of quality detection rulesets to reduce false positives and enhance detection accuracy.
Check Point Research discovered new malware named Veaty and Spearal used in attacks against Iraqi entities, including government networks, with ties to APT34 malware families and Iranian MOIS affiliation, utilizing unique C2 mechanisms like DNS tunneling and email-based channels.