Seclog - #69


2 min read

We should all be thankful for those people who rekindle the inner spirit. β€” Albert Schweitzer

πŸ“š SecMisc

  • Digital Defense - Explore cutting-edge security technologies and insights at Digital Defense. Read More

  • BGPView - BGP Toolkit and BGP ASN Routing Lookup Tool - A comprehensive toolkit for BGP network analysis. Read More

  • The DDoS Report - Insights and analysis on the latest DDoS trends and attacks. Read More

  • Ahoi Attacks - Detailed exploration of novel network-based attacks and their prevention. Read More

  • Passwords for Manly Men Like JamesB & JakeK - Humorous take on password strength and security for "manly" individuals. Read More

  • Cybersecurity is broken - Delving into the myriad of challenges that currently plague the cybersecurity industry. Read More

  • Kobold letters – Lutra Security - Unveiling the threats posed by Kobold phishing campaigns. Read More

  • Backdoor in XZ Utils That Almost Happened - Schneier on Security - Analysis of a narrowly avoided security vulnerability in XZ Utils. Read More

  • Kaspersky analysis of the backdoor in XZ | Securelist - Comprehensive report on the XZ Utils backdoor case. Read More

  • How I discovered a 9.8 critical security vulnerability in ZeroMQ - A firsthand account of discovering a major flaw in ZeroMQ. Read More

  • Google Public DNS’s approach to fight against cache poisoning attacks - Strategies employed by Google Public DNS to mitigate DNS cache poisoning. Read More

  • Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) - A detailed technical advisory on the Ollama DNS rebinding attack. Read More

  • Browser Security Bugs that Aren’t: JavaScript in PDF - Exploring common misconceptions about JavaScript security in PDFs. Read More

  • Persistent Magento backdoor hidden in XML - Analysis of a stealthy backdoor found in Magento via XML files. Read More

  • SSD Advisory - IP.Board 'nexus' RCE and Blind SQLi - Disclosure of critical vulnerabilities in IP.Board. Read More

πŸŽ₯ SecVideo

  • Building a Successful Security Champions Program: What does it take? - Insights into creating and maintaining a successful Security Champions program. Watch Here

πŸ’» SecGit

  • YuriiCrimson/ExploitGSM - A repository containing exploits for various kernel versions. Explore on GitHub

  • frostb1ten/CVE-2024-24576-PoC - Proof of Concept for CVE-2024-24576, demonstrating the vulnerability. Explore on GitHub

  • charmbracelet/melt: 🧊 Backup and restore Ed25519 SSH keys with seed words. - A tool for backing up and restoring SSH keys using a mnemonic seed phrase. Explore on GitHub

  • indianajson/va-zone: Summary and archive of Vatican .va (Holy See) ccTLD zone data for researchers. - Archive and analysis of the Vatican's top-level domain data. Explore on GitHub

For suggestions and any feedback, please contact: