Cybersecurity information flow

State machines and statecharts for the modern web.

AI on the command line

Malware persistence is a crucial aspect of cyber threats that often goes unnoticed by unsuspecting users. In the realm of cybersecurity, it refers to the ability of malicious software to establish a foothold on a targeted system, allowing it to maintain its presence over an extended period. This persistence is achieved through various covert techniques, […]

本文讲解如何通过 Contract Size Check 判断调用者身份。

🍺 Scaffolding your Chrome extension! Boilerplates: react \ vue \ svelte \ solid \ preact \ alpine \ lit \ stencil \ inferno \ vanilla

Apache Shiro 是一个可执行身份验证、授权、加密和会话管理的 Java 安全框架。

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft Security Blog.

For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases Microsoft 365 Defender as a leading solution, enabled by next-gen protection, industry-first capabilities like automatic attack disruption, and more.
The post Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise  appeared first on Microsoft Security Blog.

Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.
The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog.

.NET port of Leron Gray's azbelt tool.

总结推荐本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点！

SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
[GitHub]SQL injection vulnerbility in jeecgboot jeecg-boot v. allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.

该项目在执行read模块时会从内核堆地址中拷贝信息到用户空间中去，但是这里的拷贝没有对长度做限制，因此存在着越界读的漏洞。

The post Talkin’ About Infosec News – 9/18/2023 appeared first on Black Hills Information Security.

影响厂商:LinkedIn 奖励: 危险等级:critical

影响厂商:Nord Security 奖励:250.0USD 危险等级:medium

影响厂商:b'LinkedIn'(https://hackerone.com/linkedin) 

Taskhub version 2.8.8 suffers from a cross site scripting vulnerability.

Ubuntu Security Notice 6360-2 - USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ftrace-based Linux loadable kernel module rootkit for Linux kernel versions 5.x and 6.x on x86_64. It hides files, hides process, hides a bind shell and reverse shell port, provides privilege escalation, and cleans up logs and bash history during installation.

BDS Freebsd KLD rootkit for FreeBSD 13 that hides files, hides processes, hides ports, and has a bind shell backdoor.

Elasticsearch version 8.5.3 stack overflow proof of concept exploit.

Red Hat Security Advisory 2023-5337-01 - A security update for Camel K 1.10.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a bypass vulnerability.

Ubuntu Security Notice 6395-1 - Mickael Karatekin discovered that GNOME Shell incorrectly allowed the screenshot tool to view open windows when a session was locked. A local attacker could possibly use this issue to obtain sensitive information.

Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.