Exploitation in the wild has been observed (h/t gossi). Please patch immediately!

Les criminels continuent d'exploiter les données personnelles des clients de #Ledger dans le but de voler leurs cryptomonnaies. Cette fois, ils envoient de faux portefeuilles par la poste afin de subtiliser les phrases de récupération des utilisateurs 👇 cryptoast.fr/faux-portefeui…

#Ghidra 10.0 has been let loose! We are pleased to include the first version of the new integrated Ghidra debugger. Head over to Ghidra.sre.org to check out all the changes and launch the debugger on your reverse engineering project.

Interpol urges police to unite against 'potential ransomware pandemic' - Sergiu Gatlan bleepingcomputer.com/news/security/…

DEFCON is ON! Youtube Live streaming: youtube.com/c/adversaryvil… Twitch: twitch.tv/adversaryvilla… Full schedule: adversaryvillage.org/adversary-even… DEF CON #AdversaryVillage

Actively exploited bug bypasses authentication on millions of routers - Sergiu Gatlan bleepingcomputer.com/news/security/…

Kaseya's universal REvil decryption key leaked on a hacking forum - Lawrence Abrams bleepingcomputer.com/news/security/…

SynAck ransomware releases decryption keys after El_Cometa rebrand - Lawrence Abrams bleepingcomputer.com/news/security/…

Ragnarok ransomware releases master decryptor after shutdown - Ionut Ilascu bleepingcomputer.com/news/security/…

Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already— this cannot wait until after the weekend.

TrickBot gang developer arrested when trying to leave Korea - Lawrence Abrams bleepingcomputer.com/news/security/…

New #Tsurugi #Linux 2021.1 #DFIR and #OSINT profiles

🆕 Arrest in Ukraine of 2 members of a ransomware gang known for their extortionate ransom demands of up to €70 million. #Europol & INTERPOL coordinated operation between 🇫🇷 Gendarmerie nationale, 🇺🇦 Cyberpolice Ukraine & 🇺🇸 FBI Full story 👉ow.ly/Wvtz50Glbud

Wooow 🤩

SCOOP: The popular 'COA' NPM library has been hijacked with malicious code, affecting millions of React pipelines worldwide. This hijack is virtually identical to the UA-Parser-JS hijack last month, and also drops a password-stealing trojan. bleepingcomputer.com/news/security/…

All versions of Samba prior to 4.13.17 with VFS module "vfs_fruit" (compatibility with Apple SMB clients) are vulnerable. CVSSv3 : 9.9/10 thehackernews.com/2022/01/new-sa…

Links to write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation (updated collection) github.com/0xor0ne/awesom… #infosec #cybersecurity

x64 Linux Binary Exploitation series Basic: valsamaras.medium.com/introduction-t… Return into lib: valsamaras.medium.com/introduction-t… RoP Chains: valsamaras.medium.com/introduction-t… Stack Canaries: valsamaras.medium.com/introduction-t… ASLR: valsamaras.medium.com/introduction-t… Dimitri 0s #cybersecurity #exploit

NEW TOOL: HEX.DANCE It's a fully in-browser binary/file analysis tool with a hex editor. Features: - Hex editor and you can save the edited file - Mach-O symbols - ELF and PE basic metadata - Zip file contents - Fully client-side in-browser, so it is private and