unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Bug Bounty: Insights from Our First-hand Experience
error code: 1016...
2024-5-7 15:2:0 | 阅读: 2 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
1016
New Burp Extension: JWT-scanner
Authentication and authorization are critical components of any application. Various standa...
2024-4-23 15:2:1 | 阅读: 10 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
jwts
security
burp
jwk
Behind The Scenes Of Ransomware Attacks
This is hopefully the most useless blog post you will read this year as this post will...
2024-4-9 15:1:54 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
ransomware
negotiation
encryption
security
lockbit3
Pwn2Own Toronto 2023: Part 5 – The Exploit
If you have not read the previous blog posts I recommend you to have a look at part 1, wher...
2024-3-29 16:1:55 | 阅读: 5 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
payload
lex
pwn2own
invoked
impl
Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis
Welcome to the 4th part of this blog post series. If you have not read the previous blog p...
2024-3-28 16:2:6 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
lex
ivar2
undefined4
libjansson
synocam
Pwn2Own Toronto 2023: Part 3 – Exploration
If you have not read the previous blog posts I recommend you to have a look at part 1, wher...
2024-3-27 16:1:57 | 阅读: 4 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
syno
security
webd
maintenance
Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface
Welcome back to the next part of our blog series. If you haven’t checked out the earlier po...
2024-3-26 16:1:57 | 阅读: 11 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
upnp
webdav
injection
synology
Pwn2Own Toronto 2023: Part 1 – How it all started
Around a year ago a few of my colleagues and I were sitting in Benoit Forgette and Dami...
2024-3-25 16:1:58 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
nand
ubi
ubi0
14965870
partitions
Manipulating LLMs – How to confuse ChatGPT
What are LLMsLLMs (Large Language Models) are language models with a large number of...
2024-3-12 16:2:1 | 阅读: 10 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
llm
llms
injection
attacker
xn
Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany
In today’s interconnected world, it is a well-known fact that systems with Internet exposur...
2024-2-27 16:2:14 | 阅读: 10 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
malicious
attackers
germany
ukraine
honeypots
Securing Connections to your Remote Desktop
When accessing a remote server, there is always a risk that it could be compromised. For us...
2024-2-15 07:2:42 | 阅读: 4 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
remote
windows
security
attacker
laps
Lenovo Update Your Privileges
A journey into the discovery of two privilege escalation vulnerabilities in the Lenovo upda...
2024-2-15 07:2:41 | 阅读: 9 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
lenovo
deletion
symbolic
tvsusession
dock
A sneaky attack to your platform
Nowadays, web developers rely mostly on well-established frameworks to develop their platfo...
2024-2-15 07:2:40 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
attacker
ssrf
security
malicious
hostnames
From MQTT Fundamentals to CVE
Internet of Things (IoT) and Operational Technology (OT) is an area that has grown strongly...
2024-2-15 07:2:38 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
mqtt
broker
client
mosquitto
memory
Relaying NTLM to MSSQL
Readers of this blog probably know that I like to try NTLM relaying over all protocols poss...
2024-2-15 07:2:37 | 阅读: 9 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
encryption
testlab
ws1
privileges
microsoft
Device Code Phishing – Compass Tooling
Device code phishing is nothing new. In fact it has been around for some years now. There a...
2024-2-15 07:2:36 | 阅读: 9 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
phishing
microsoft
tormentor
phisher
github
Exposing the Scammers: Unmasking the Elaborate Job Offering Scam
In the era of the internet, scams vary in forms, targeting those who aren’t cautious. Latel...
2024-2-15 07:2:35 | 阅读: 7 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
bonny
profits
withdrawal
earnings
deception
Microsoft Teams Covert Channels Research
This article illustrates how custom command and control (C2) implants can circumvent networ...
2024-2-15 07:2:34 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
microsoft
covert
webhook
attacker
victim
Device Code Phishing – Add Your Own Sign-In Methods on Entra ID
TL;DR An attacker is able to register new security keys (FIDO) or other authentication meth...
2024-2-15 07:2:33 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
security
microsoft
phishing
victim
Microsoft BitLocker Bypasses are Practical – Compass Security Blog
My colleague Mirko and I recently attended the “Defeating Microsoft’s Default BitLocker Imp...
2024-2-14 20:59:40 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.compass-security.com
tpm
bitlocker
vmk
attacker
tamper
Previous
0
1
2
3
4
5
6
7
Next