GitHub - trailofbits/pip-audit: Audits Python environments and dependency trees for known vulnerabilities
github.com

pip-audit - 用于扫描 Python 环境依赖库是否涉及已知漏洞的工具 Jett • 2 hours ago

0   

Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon
palisade.consulting

Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon Jett • 2 hours ago

0   

Tracking a P2P network related to TA505 – NCC Group Research
research.nccgroup.com

Tracking a P2P network related to TA505 Jett • 2 hours ago

0   

Azure Privilege Escalation via Azure API Permissions Abuse
posts.specterops.io

Azure Privilege Escalation via Azure API Permissions Abuse Jett • 2 hours ago

0   

Jumping the air gap: 15 years of nation‑state effort | WeLiveSecurity
www.welivesecurity.com

ESET 研究员对近 15 年公开攻击中涉及的穿透物理隔离边界的框架的分析 Jett • 2 hours ago

0   

Project Zero: This shouldn't have happened: A vulnerability postmortem
googleprojectzero.blogspot.com

Project Zero Tavis Ormandy 在 Mozilla NSS 加密库中发现一个内存破坏漏洞 Jett • 2 hours ago

0   

TALOS-2021-1352 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
talosintelligence.com

Google Chrome Blink setBaseAndExtent use after free vulnerability Jett • 3 hours ago

0   

GitHub - l0ggg/VMware_vCenter: VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
github.com • Web

VMware vCenter 7.0.2.00100 版本任意文件读、SSRF、XSS 漏洞 Jett • 3 hours ago

0   

Watch Your Step(ping): Atoms Breaking Apart
grsecurity.net

研究员发现 Intel(R) Atom CPU Bug Jett • 1 day ago

0   

[PDF] https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
labs.f-secure.com

Printing-Shellz - 惠普多功能打印机的安全研究报告 Jett • 1 day ago

0   

Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809) – Assetnote
blog.assetnote.io • Pentest

IT 管理软件 Jamf Pro SSRF 漏洞分析 Jett • 1 day ago

0   

CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal
pyn3rd.github.io

CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal Jett • 1 day ago

0   

Arbitrary package tampering in Deno registry + Code Injection in encoding/yaml
blog.ryotak.me

Arbitrary package tampering in Deno registry + Code Injection in encoding/yaml Jett • 1 day ago

0   

Apache Storm 漏洞分析
noahblog.360.cn

Apache Storm 漏洞分析 Jett • 1 day ago

1   

xray 终极反制实践
koalr.me

xray 终极反制实践 Jett • 1 day ago

0   

CVE-2021-22205 GitLab RCE之未授权访问深入分析(一)
天融信阿尔法实验室

CVE-2021-22205 GitLab RCE 之未授权访问深入分析(一) Jett • 1 day ago

0   

New Sony patent: "Spoofing CPUID For Backwards Compatibility" (filed by Mark Cerny)
www.neogaf.com • iOS

New Sony patent: "Spoofing CPUID For Backwards Compatibility" . lanying37 • 1 day ago

0   

PetitPotam - NTLM Relay to AD CS
www.youtube.com

PetitPotam - 对 AD CS 证书服务进行 NTLM 中继攻击演示视频. lanying37 • 1 day ago

0   

安卓 APT 间谍软件 GnatSpy 分析
paper - Last paper

针对安卓 APT 间谍软件 GnatSpy 分析. lanying37 • 1 day ago

0   

Loading