-
9 votes
-
This GitHub profile has a custom background
31 votes -
Four in five CISOs have been told to downplay a potential risk’s severity
9 votes -
Significant cyber incidents | Strategic technologies program
1 vote -
Cybercriminals pose as "helpful" Stack Overflow users to push malware
19 votes -
On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths
27 votes -
Bug in glibc's iconv() function allows for RCE in PHP servers by setting charset to ISO-2022-CN-EXT to trigger buffer overflow (CVE-2024-2961)
9 votes -
When provided with CVE descriptions of 15 different vulnerabilities and a set of tools useful for exploitation, GPT-4 was capable of autonomously exploiting 13 of which, yielding an 87% success rate
17 votes -
Twitter replaces twitter.com with x.com without user consent. Bad implementation invites an influx of Phishing attacks. (german source)
48 votes -
Don’t set up wildcard DNS records for GitHub Pages
18 votes -
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576)
18 votes -
Backdoor in upstream libxz targeting sshd
104 votes -
Ross Anderson, computer security expert, passed away
12 votes -
White House to Developers: Using C or C++ Invites Cybersecurity Risks
5 votes -
What Is A Secure Note-Taking App?
I've been using Google's Keep Notes for all my note-taking, but I would like to shift away from that and use an app that is more secure. I've heard of Notion and Evernote but I'm not sure about...
I've been using Google's Keep Notes for all my note-taking, but I would like to shift away from that and use an app that is more secure. I've heard of Notion and Evernote but I'm not sure about their level of security/encryption. Any suggestions?
20 votes -
A 2024 plea for lean software
36 votes -
What are people's thoughts on "secureblue", "bazzite" and other ublue images?
7 votes -
Your security program is shit
63 votes -
4-year campaign backdoored iPhones using possibly the most advanced exploit ever
43 votes -
EU Cyber Resilience Act: What does it mean for open source?
13 votes -
Now Open: 2023 SANS Holiday Hack Challenge & KringleCon
1 vote -
Immersive Labs "Haunted Halloween" Challenges 2023
Hey everyone! Just wanted to share that Immersive Labs has rolled out their "Haunted Halloween" challenges for 2023. For those unfamiliar, Immersive Labs offers a platform for interactive,...
Hey everyone! Just wanted to share that Immersive Labs has rolled out their "Haunted Halloween" challenges for 2023. For those unfamiliar, Immersive Labs offers a platform for interactive, gamified learning in the realm of cybersecurity. They've been known to host challenges that test and enhance cyber skills.
You can sign up for free using code HAUNTEDHOLLOW to try it out hubs.ly/Q026LTZV0.
Now, I'm not posting this solely out of altruism. I could use some help on the 'Mirrored Mayhem' task.
Spoiler Alert: Details about the challenge below
I've managed to get the RCE. I've crafted a PNG and successfully executed remote code. However, I'm only able to find the 'webapp-token'. I'm at a loss when it comes to the 'user-token' or 'root-token'. The 'whats in the mirror?' file isn't giving me any leads either. I've also got a username/password from it but can't figure out where to use them.Would appreciate any pointers or hints from anyone who's tackled this challenge. Thanks in advance!
4 votes -
Systems Alchemy: The Transmutation of Hacking (2023)
5 votes