"The enemy does not check your risk register prior to attacking." - Sun Tzu, The Art of Cyber War
SecMisc
PoisonTap - Exploiting locked computers through USB peripherals, demonstrating techniques to bypass security measures on locked machines.
Securing 4 C's of a Software Product - Comprehensive guide focusing on implementing AWS security measures across different product components.
SecLinks
GitHub Enterprise SAML Bypass - Analysis of critical authentication bypass vulnerabilities affecting GitHub Enterprise Server.
Sharing Secrets - Comprehensive guide exploring various methodologies and best practices for secure secret sharing in organizations.
IBM Security Verify Access - Detailed analysis of 32 security vulnerabilities discovered in IBM's security platform.
Fortune 500 Supply Chain - Investigation into hidden supply chain vulnerabilities affecting Fortune 500 companies.
Ubuntu Privilege Escalation - Technical analysis of root privilege escalation techniques in Ubuntu 24.04.
Application Security Assessment - Methodological approach to effectively evaluate application security posture.
Citrix Remote Access - Research on critical vulnerabilities in Citrix Virtual Apps and Desktops.
Arc Browser Security - Discovery of UXSS, local file read, and RCE vulnerabilities in Arc Browser.
Firefox Animation Bug - Technical analysis of CVE-2024-9680 affecting Firefox's animation system.
SoftBank Mesh Analysis - In-depth vulnerability research on SoftBank Mesh RP562B devices.
CVE-2024-47575 - Detailed analysis and impact assessment of critical vulnerability.
Incident Response Evolution - Case study on the development of incident response processes at Podia.
VPN Trust Analysis - Critical examination of trust issues in modern VPN services.
GuardDuty Bypass - Techniques for bypassing AWS GuardDuty pentest detection mechanisms.
AI Red Team Services - Introduction to CrowdStrike's new AI security testing capabilities.
AWS Ransomware - Comprehensive guide on effective AWS ransomware techniques and prevention.
Technical Team Leadership - Insights into effectively leading technical security teams.
JWT Attack Methods - Analysis of attack vectors using self-signed JWT claims.
SecX
Apple Security Feature - Discussion on newly implemented security features in Apple systems.
Ethernet History - Historical perspective on the creation and implementation of Ethernet.
Malware Museum - Announcement of the upcoming Museum of Malware Art in Helsinki.
Password Comic - Historical Foxtrot comic highlighting password management challenges.
Gnark Vulnerability - Technical thread on memory vulnerability discovery in Gnark.
SecVideo
BlueHat 2024 - Complete collection of presentations from BlueHat 2024 security conference.
CURL Analysis - Deep dive into CURL HTTPS verbose output analysis.
Cities Skylines Malware - Comprehensive reverse engineering analysis of Cities Skylines II malware.
SecGit
CVE-2024-50340-eos-exploit - Exploit implementation for Symfony vulnerability.
C2TeamServer - Framework for Command and Control server implementation.
web-chains - Java payload generation and exploitation toolkit.
For suggestions and any feedback, please contact: securify@rosecurify.com