Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Trending Resources See all
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI net exp app

Researchers discovered a major incident involving the takeover of an abandoned WHOIS server domain, leading to unintended consequences and potentially compromising the security and integrity of Internet communications.

“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg rev exp

Jason An extended the Pwndbg plugin for GDB by integrating it with Binary Ninja to enhance debugging capabilities, including dumping Go structures and improving the debugging experience for Go binaries.

Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711) exp app

Veeam Backup & Replication has a history of vulnerabilities, including the latest unauthenticated RCE (CVE-2024-40711) affecting version 12.1.2.172 and below, with a complex exploitation process and patching procedure.

ADCS Attack Paths in BloodHound — Part 3 net

The blog post explores domain escalation techniques in BloodHound related to Active Directory Certificate Services (ADCS) and discusses how implicit certificate mapping can be abused for authentication.

Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs net

The Detection Engineering Behavior Maturity Model (DEBMM) guides security teams in enhancing threat detection capabilities through structured improvements in processes and behaviors across five maturity tiers, emphasizing continuous improvement, flexibility, and the development of quality detection rulesets to reduce false positives and enhance detection accuracy.

Targeted Iranian Attacks Against Iraqi Government Infrastructure mal net

Check Point Research discovered new malware named Veaty and Spearal used in attacks against Iraqi entities, including government networks, with ties to APT34 malware families and Iranian MOIS affiliation, utilizing unique C2 mechanisms like DNS tunneling and email-based channels.

Indexed Resources