| | Ghost Calls: Abusing Web Conferencing for Covert Command and Control (praetorian.com) |
| 9 points by justinludwig 3 months ago | past |
|
| | Introducing: GitHub Device Code Phishing (praetorian.com) |
| 4 points by cyberbender 5 months ago | past |
|
| | Introducing: GitHub Device Code Phishing (praetorian.com) |
| 1 point by campuscodi 5 months ago | past |
|
| | Node.js Repository Jenkins Code Execution and Potential Supply Chain Attack (praetorian.com) |
| 3 points by cyberbender 7 months ago | past | 1 comment |
|
| | Improved Detection Signature for the K8s IngressNightmare Vuln (praetorian.com) |
| 2 points by twoshores67 8 months ago | past |
|
| | Public secrets exposure leads to supply chain attack on GitHub CodeQL (praetorian.com) |
| 297 points by cyberbender 8 months ago | past | 61 comments |
|
| | Compromising Rspack Using GitHub Actions (praetorian.com) |
| 1 point by arshxyz on June 12, 2024 | past |
|
| | Obtaining Remote Code Execution in F5-Bigip via AJP Request Smuggling (praetorian.com) |
| 1 point by bouncyhat on Oct 26, 2023 | past | 1 comment |
|
| | Technical Advisory – Azure B2C – Crypto Misuse and Account Compromise (praetorian.com) |
| 2 points by PretzelFisch on Feb 25, 2023 | past |
|
| | Azure B2C – Crypto Misuse and Account Compromise (praetorian.com) |
| 1 point by Terretta on Feb 19, 2023 | past |
|
| | Uncontrollable AWS IAM: Sts:GetSessionToken, GetCallerIdentity, and Policy Sim (praetorian.com) |
| 2 points by nutbear on June 17, 2022 | past |
|
| | Spring Core on JDK9 is vulnerable to remote code execution (praetorian.com) |
| 157 points by groundshark on March 30, 2022 | past | 70 comments |
|
| | Nosey Parker: An AI Based Secrets Scanner That Out Sniffs the Competition (praetorian.com) |
| 5 points by twoshores67 on March 22, 2022 | past |
|
| | GoKart, a Smarter Go Security Scanner (praetorian.com) |
| 2 points by ngaut on Aug 23, 2021 | past |
|
| | GoKart (praetorian.com) |
| 1 point by InitialBP on Aug 19, 2021 | past |
|
| | Bypassing Google's Santa Application Whitelisting on macOS (#hacking) (praetorian.com) |
| 1 point by myover on June 12, 2019 | past |
|
| | Cloud Data Exfiltration via GCP Storage Buckets and How to Prevent It (praetorian.com) |
| 1 point by myover on June 6, 2019 | past |
|
| | What we learned from 100 Pen Tests, 75 Organizations, 450 Attack Vectors [pdf] (praetorian.com) |
| 1 point by myover on Sept 2, 2016 | past |
|
| | Reversing and Exploiting Embedded Devices: The Software Stack (Part 1) (praetorian.com) |
| 3 points by ashitlerferad on June 4, 2016 | past |
|
| | Reversing and Exploiting Embedded Devices: The Software Stack (Part 1) (praetorian.com) |
| 1 point by ndesaulniers on June 3, 2016 | past |
|
| | Reversing and Exploiting Embedded Devices: The Software Stack (Part 1) (praetorian.com) |
| 2 points by myover on June 2, 2016 | past |
|
| | 11 Steps to Mitigate WPAD Attack (Defense In-depth) (praetorian.com) |
| 1 point by jabraham_ on May 25, 2016 | past |
|
| | Signal Protocol and Deniable Authentication (praetorian.com) |
| 3 points by kkl on May 17, 2016 | past |
|
| | Great Example of an Engineering Culture at Work in Security Services (praetorian.com) |
| 1 point by myover on April 26, 2016 | past |
|
| | JTAGulator vs. JTAGenum, Hardware Hacking Tools for IoT Devices (praetorian.com) |
| 2 points by myover on April 20, 2016 | past |
|
| | SPAM Filters: A Reliable Protection Against Phishing Attacks? (praetorian.com) |
| 4 points by myover on April 12, 2016 | past |
|
| | End-To-End WhatsApp Encryption: Why Signal Protocol Is So Well-Designed (praetorian.com) |
| 6 points by myover on April 7, 2016 | past |
|
| | Machine Learning Tutorial (praetorian.com) |
| 4 points by myover on Feb 15, 2016 | past | 2 comments |
|
| | Statistics Based Password Cracking Rules Released (praetorian.com) |
| 4 points by myover on Feb 11, 2016 | past |
|
| | Ruby Unsafe Reflection Vulnerabilities (praetorian.com) |
| 1 point by myover on Feb 9, 2016 | past |
|
|
| More |
