Burp ♥ OpenVPN – honoki
When performing security tests, you will often be required to send all of your traffic through a VPN. If you...
Read more →News Archive
View All →
Google Chrome Security Update – Vulnerabilities Patched
In a security update for Chrome, Google has updated the Stable and Extended stable channels to 116.0.5845.110 for Mac and Linux...
Read more →
Apache XML Graphics Batik Flaw Exposes Sensitive Information
Two Server-Side Request Forgery (SSRF) vulnerabilities were found in Apache Batik, which could allow a threat actor to access sensitive...
Read more →
Security Onion 2.4: Free, open platform for defenders gets huge update
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been...
Read more →
Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks
Aug 23, 2023THNRansomware / Malware A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to...
Read more →
XLoader malware Attacking macOS OfficeNote App
XLoader has been serving as a particularly persistent and adaptable threat since 2015. With its roots deeply ingrained in the digital...
Read more →
Five processes every organisation needs for successful BizDevOps
BizDevOps in a nutshell Many organisations claim to be data-centric and data-driven. Making informed decisions based on what their organisation’s...
Read more →
Cameyo offers Windows apps delivery on Chrome devices
Cameyo has integrated its virtual app delivery services with ChromeOS to provide IT departments with a way to repurpose older Windows...
Read more →
CBA cuts 221 roles in technology business division – Finance – Training & Development
The Commonwealth Bank of Australia has made 221 roles redundant, resulting in 88 job losses and an effort to “redeploy...
Read more →
XXE-scape through the front door: circumventing the firewall with HTTP request smuggling
In this write-up, I want to share a cool way in which I was able to bypass firewall limitations that...
Read more →
Exploitation of Ivanti Sentry Zero-Day Confirmed
Ivanti has confirmed that a recently discovered vulnerability affecting its Sentry mobile gateway has been exploited in attacks. The existence...
Read more →
Carderbee APT targets Hong Kong orgs via supply chain attacksSecurity Affairs
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat...
Read more →