Aggregator
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them
1 year 6 months ago
In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS
The Hacker News
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them
1 year 6 months ago
Cloud Security / Threat IntelligenceIn the past year, cross-domain attacks have gained prominence
蜜罐反制的现状与未来
1 year 6 months ago
内部分享
透明人
SmuggleShield – Browser Extension to Detect HTML Smuggling Attacks
1 year 6 months ago
SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling attacks. With its stable version (2.0) now available, SmuggleShield provides an additional layer of protection for everyday internet users, security professionals, and red/purple team exercises. While not a perfect or exhaustive solution, its cutting-edge […]
The post SmuggleShield – Browser Extension to Detect HTML Smuggling Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
Researchers Say New AI Outperforms Other Models on Data Science Tasks
1 year 6 months ago
Authors:(1) Sirui Hong, DeepWisdom and these authors contributed equally to this work;(2) Yizhang
AI Crushes the Competition in Math, Machine Learning, and Open-Ended Tasks—Here’s How It Did It
1 year 6 months ago
Authors:(1) Sirui Hong, DeepWisdom and these authors contributed equally to this work;(2) Yizhang
New AI Plans, Learns, and Adapts in Real Time—One Task at a Time
1 year 6 months ago
Authors:(1) Sirui Hong, DeepWisdom and these authors contributed equally to this work;(2) Yizhang
Researchers Are Teaching AI to Plan, Think, and Build Its Own Tools—for Data Science
1 year 6 months ago
Authors:(1) Sirui Hong, DeepWisdom and these authors contributed equally to this work;(2) Yizhang
This New AI Tool Claims to Solve Data Problems Better Than Anything Else—Here’s Why That Matters
1 year 6 months ago
Authors:(1) Sirui Hong, DeepWisdom, and these authors contributed equally to this work;(2) Yizhan
Three Russian-German nationals charged with suspicion of secret service agent activity
1 year 6 months ago
Three Russian-German nationals charged with suspicion of secret service agent activit
Three Russian-German nationals charged with suspicion of secret service agent activity
1 year 6 months ago
German authorities have charged three Russian-German nationals with suspicion of, among other things, secret service agent activity for the Russian government. German authorities have charged three Russian-German nationals on suspicion of activities including acting as secret service agents for the Russian government. On 9 December 2024, the Federal Prosecutor’s Office filed charges against the German-Russian nationals before […]
Pierluigi Paganini
Must-Read Cyble Research Reports of 2024: Trends and Key Takeaways
1 year 6 months ago
Of the many reports created by Cyble’s talented team of threat researchers this year, sev
EKS 集群中的特权服务帐户访问权限获取
1 year 6 months ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
EKS 集群中的特权服务帐户访问权限获取
1 year 6 months ago
#这一章节讲述了一个关于EKS集群的挑战,其中的pod没有权限访问EKS节点的特权服务账户。通过利用IMDSv1和AWS CLI生成认证令牌,可以获取到节点的服务账户权限,并且使用kubectl命令进行身份验证。然而,由于权限被限制,需要进一步探索才能找到隐藏在集群中的flag。最后,成功解密flag并获得挑战胜利。这个挑战强调了在Kubernetes环境中即使没
有权限也可以通过一些技巧来提升权限的重要性。#云安全 #渗透测试 #枇杷哥加入黑伞安全知识星球,优惠卷+ gnosismask
Dozens of Chrome Browser Extensions Hijacked by Data Thieves
1 year 6 months ago
Over 2.5 million end users are at risk as researchers discover 36 compromised Chrome extensions
ARM系统深度调试与逆向:深入了解ARM架构3大系列
1 year 6 months ago
直播授课,小班教学
35个Chrome扩展被劫持,黑客攻击细节披露
1 year 6 months ago
黑客通过钓鱼攻击劫持35款Chrome扩展,影响数十万用户。
Hyper-V拒绝服务漏洞CVE-2024-43633分析
1 year 6 months ago
看雪论坛作者ID:王cb
35个Chrome扩展被劫持,黑客攻击细节披露
1 year 6 months ago
近期,网络安全领域发生了一起严重的黑客攻击事件,至少35个Chrome扩展被黑客劫持。此次攻击的目标包括了知名网络安全公司Cyberhaven的扩展,显示出攻击者的技术手段相当高明。攻击始于2024年