Attacks & Vulnerabilities
Payment Gateway Data Breach Affects 1.7 Million Credit Card Owners (2 minute read)
Payment gateway provider SlimCD has disclosed a breach affecting 1.7M individuals. SlimCD reported that in June it detected that a threat actor had breached its network in August 2023, nearly a year earlier, and took steps to block the access. Stolen information included full names, physical addresses, credit card numbers, and expiration dates, but not CVV numbers.
Red Reaper: Building an AI Espionage Agent (10 minute read)
Inspired by the I-Soon leaks, these authors decided to build an AI espionage agent called Red Reaper. Red Reaper consists of 3 data science layers and a basic Flask UI. The first layer seeks to identify entities that deal with LAW in the sample email dataset and assign a confidence score to each one. The next layer builds a Neo4j graph and performs some analysis on the graph to identify key communication clusters and individuals. Generative AI is introduced in the last layer to refine the analysis and identify information that could be relevant for espionage, extortion, blackmail, or other criminal activity.
Sanitize your C++ containers: ASan annotations step-by-step (15 minute read)
This post discusses how to use AddressSanitizer (ASan) to detect memory errors in C++ code. Adding ASan annotations to libc++ containers like std::string and std::deque aids in bug detection. The post walks through various examples and code snippets that use ASan to help find memory bugs in C++ code.
Deploying Rust in Existing Firmware Codebases (10 minute read)
This blog post explains how to gradually introduce Rust into existing firmware codebases for improved security. Drop-in Rust replacements for C code can enhance security with minimal effort. By following an incremental approach and addressing specific challenges, you can seamlessly integrate Rust into your firmware development process.
Frida 16.5.0 Released (4 minute read)
Frida 16.5.0 contains new features like hardware breakpoints and watchpoints to help locate code accessing specific memory data more easily. The release also brings support for Windows on ARM and other improvements, making Frida even more versatile for developers. This article presents a demo using these new APIs in a game like DOOM, showing how to find and monitor memory locations dynamically.
hookchain (GitHub Repo)
hookchain aims to provide a new perspective on EDR evasion. Through a precise combination of IAT hooking techniques, dynamic SSN resolution, and indirect system calls, hookchain redirects the execution flow of Windows subsystems in a way that remains invisible to the vigilant eyes of EDRs that only act on Ntdll.dll, without requiring changes to the source code of the applications and malware involved.
Making Sense of the Application Security Product Market (17 minute read)
The AppSec product market is undergoing rapid change as new tooling such as CSPMs and API security tools shifts the way teams interact with traditional tools like WAFs and DASTs. ASPMs are arriving to bridge the UI/UX and contextual gaps that exist in AppSec tools across the SDLC, but they require more integration points than CSPMs. GenAI is emerging as a useful tool that aids in triaging alerts, but it is still lacking in maturity.
Bug Left Some Windows PCs Dangerously Unpatched (3 minute read)
Microsoft has released updates to fix 79 security vulnerabilities in Windows, including a bug that left some Windows 10 PCs unpatched. That critical bug, CVE-2024-43491, caused the rollback of earlier fixes on certain Windows 10 systems. Two zero-day flaws affecting Microsoft Publisher and Office, CVE-2024-38226 and CVE-2024-38217, were also disclosed.
Crimson Palace returns: New Tools, Tactics, and Targets (20 minute read)
The Crimson Palace cyber threat operation has resumed with new tools and tactics to target governments and organizations in Southeast Asia. This blog post presents various diagrams and timelines showing the details of Crimson Palace's operations. It also discusses the evolution of the malware, as well as efforts to evade detection.
Thanks for reading,
Prasanna Gautam, Eric Fernandez & Sammy Tbeile