aerleon Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API. Aerleon is a fork of Capirca with the following major additions: YAML policy and...
Researchers have unearthed a pervasive offensive targeting industrial controllers that had been inadvertently exposed to the public internet. Beneath the façade of routine Modbus/TCP inquiries lay not merely indiscriminate scanning, but calculated attempts to...
Microsoft has resolved to render Windows updates significantly less intrusive, empowering users to defer installations with greater frequency, deactivate their systems without unbidden alterations, and discern with clarity which specific components the system intends...
Kerlab A Rust implementation of Kerberos for FUn and Detection Kerlab was developed just to drill down into the Kerberos protocol and better understand it. The main purpose is to write more targeted detection rules. kerasktgt Kerberos Ask...
The United States Cybersecurity and Infrastructure Security Agency (CISA) has once again augmented its repository of vulnerabilities identified in active, real-world incursions. The latest revision incorporates four distinct flaws within products from Samsung, SimpleHelp,...
An oversight within a security remediation has inadvertently carved a novel path for exploitation. While the developers successfully neutralized the remote code execution flaw weaponized by the APT28 collective, they left behind a secondary...
Security researchers at Kaspersky Lab have identified a surreptitious methodology within Windows to obtain absolute systemic hegemony—a vulnerability for which a remediation remains notably absent. By merely impersonating a specific system service, an adversary...
The Harvester threat collective has re-emerged, wielding a sophisticated instrument designed to elude conventional defensive parameters. Security researchers have identified a nascent iteration of the GoGra backdoor for Linux, which surreptitiously camouflages its presence...
Jailer is an eBPF-based process jailing system that provides mandatory access control (MAC) for Linux. It tracks processes using BPF task_storage maps and enforces role-based policies on file access, network operations, and process execution....
Subtle fluctuations in internet activity can serve as premonitory indicators of severe vulnerabilities long before their public disclosure. A nascent report by GreyNoise reveals that adversaries frequently initiate aggressive scanning and reconnaissance of infrastructure...