Seclog - #70


3 min read

Seclog - #70

Photo by Pandav Tank on Unsplash

We must embrace pain and burn it as fuel for our journey. โ€” Kenji Miyazawa

๐Ÿ“š SecMisc

  • Cloud Hacking Labs - A platform dedicated to learning and testing hacking skills in a controlled environment. More
  • Palo Alto - Protecting GlobalProtect (CVE-2024-3400) - An analysis of CVE-2024-3400 vulnerability in Palo Alto's GlobalProtect VPN. Read More

  • Google's Flank Workflow Vulnerability - Exploring a complex actions workflow vulnerability in Google's Flank. Read More

  • Backdooring .NET Applications - Techniques and implications of injecting backdoors into .NET applications. Read More

  • Radio Astronomy for Beginners - A beginner's guide to starting with radio astronomy. Read More

  • Detecting Fake Accounts - Strategies to identify and handle fake online accounts effectively. Read More

  • From SSRF to gcp_enum Creation - Documenting the journey from discovering an SSRF vulnerability to creating the gcp_enum tool. Read More

  • Critical Vulnerabilities in Kubernetes Clusters - Discussing new critical vulnerabilities found in Kubernetes clusters. Read More

  • SoumniBot Android Banker Analysis - An in-depth analysis of the SoumniBot Android banking malware. Read More

  • South Carolina Tax Record Theft - Investigation into the theft of 3.6 million tax records in South Carolina. Read More

  • AWS IAM Roles Vulnerability - How AWS flaws led to vulnerabilities in Amplify IAM roles. Read More

  • Telegram App Zero-Day Fix - Telegram updates its Windows app to fix a zero-day vulnerability. Read More

  • Super Sushi Samurai Hack - A detailed analysis of the Super Sushi Samurai hack incident. Read More

  • Restoring the National Vulnerability Database - Urging actions to restore the integrity of the National Vulnerability Database. Read More

  • Building a GPS Receiver - A series on constructing a GPS receiver from scratch. Read More

  • Web Application Input Handling Vulnerabilities - Techniques for discovering vulnerabilities in web application input handling. Read More

  • ZIP Embedding Attack on Chrome Extensions - Exploring the vulnerabilities in Google Chrome extensions through ZIP embedding attacks. Read More

  • Malware and Fraud from Vietnam to the US - An overview of cross-border cybercrime involving malware, fraud, and dropshipping. Read More

๐Ÿฆ SecTweet

  • Cybertruck Design Flaw Alert - Highlighting a significant design flaw in Cybertruck that causes unintended acceleration due to the accelerator pedal issue. Tweet

๐Ÿ’ป SecGit

  • Microsoft Copilot for Security - An AI-powered tool aimed at enhancing security defenses. Explore on GitHub

  • CVE Feed Notifier - A customized tool to notify users about new CVEs. Explore on GitHub

  • Attacks Against LLMs - Repository containing various attacks against Large Language Models. Explore on GitHub

  • CVE-2024-3400 RCE Exploit - A repository dedicated to exploiting the CVE-2024-3400 vulnerability. Explore on GitHub

  • Open Asset Model Tools - Tools for analysis and management of an Open Asset Model database. Explore on GitHub

For suggestions and any feedback, please contact: