Seclog - #79


2 min read

๐Ÿ“š SecMisc

  • The SSO Wall of Shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. Read More
  • LangChain JS Arbitrary File Read Vulnerability - Read More

  • AI and Machine Learning: Revolutionizing Application Security - Read More

  • Perplexity AI is susceptible to prompt injection - Read More

  • Red Teaming with LLMs - Read More

  • AWS re:Inforce 2024: Session Notes and Announcements - Read More

  • Security and Human Behavior 2024 - Read More

  • Using LLMs to Exploit Vulnerabilities - Read More

  • Anatomy of a Terminal Emulator - Read More

  • GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in - Read More

  • Assessing CVE-2024-25065: Apache OFBiz Security bypass leads to Unauthorized Access/Actions - Read More

  • Tales from the cloud trenches: Raiding for AWS vaults, buckets and secrets - Read More

  • Security in the 2000s - Read More

  • Cloud Detection and Response in AWS - Read More

  • Off-path TCP hijacking in NAT-enabled Wi-Fi networks - Read More

  • Google Online Security Blog: Staying Safe with Chrome Extensions - Read More

๐ŸŽฅ SecVideo

  • Hacking clouds using the power of the sun - Ian Mckay - Watch Here

๐Ÿ’ป SecGit

  • p0dalirius/smbclient-ng - smbclient-ng, a fast and user friendly way to interact with SMB shares. Explore on GitHub

  • soteria-security/MFArcade - PowerShell script to create reports of M365 User Multi-factor Authentication Registration Status and Highlight MFA Related Conditional Access Policy Gaps. Explore on GitHub

  • nowsecure/fsmon - monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux. Explore on GitHub

  • Marven11/CVE-2024-28397-js2py-Sandbox-Escape - CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction. Explore on GitHub

  • deggja/netfetch - Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads. Explore on GitHub

For suggestions and any feedback, please contact: