Ståle Pettersen (@kozmic)

Weathering the storm: In the midst of a Typhoon Cisco Talos has been closely monitoring reports of widespread intrusion activity against several major U.S. telecommunications companies, by a threat actor dubbed Salt Typhoon. This blog highlights ou...

Very interesting write-up
blog.talosintelligence.com/salt-typhoon...

21.02.2025 07:47 👍 1 🔁 0 💬 0 📌 0

👊I really like research and write-ups like these, keep'em coming :)

22.01.2025 19:05 👍 1 🔁 0 💬 0 📌 0

In most scenarios though, the impact is minimal... But edge cases, like Okta's case, it can have servere impact. It should be opt-in for an API to behave like that in my opinion:)
2/2

22.01.2025 18:03 👍 0 🔁 0 💬 1 📌 0

Great research and write-up! I 100% agree with you, it's a bad API design to fail silently. I know that PHP also fails silently. I've identified this issue in PHP solutions in the past :)
1/2

22.01.2025 18:03 👍 1 🔁 0 💬 1 📌 0

WorstFit: Unveiling Hidden Transformers in Windows ANSI! 📌 This is a cross-post from DEVCORE. The research was first published at Black Hat Europe 2024. Personally, I would like to thank splitline, the co-author of this research & article, whose help

OMG, Orange Tsai released his latest new research 🤯 💣

blog.orange.tw/posts/2025-0...

10.01.2025 06:04 👍 33 🔁 19 💬 3 📌 2

Backdooring Your Backdoors - Another $20 Domain, More Governments After the excitement of our .MOBI research, we were left twiddling our thumbs. As you may recall, in 2024, we demonstrated the impact of an unregistered domain when we subverted the TLS/SSL CA process...

Old school or call it a classic: Hackers hacking hackers... labs.watchtowr.com/more-governm...

09.01.2025 05:40 👍 1 🔁 1 💬 0 📌 0

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance The U.S. Cyber Trust Mark enhances IoT security with NIST standards, QR codes, and accredited testing.

I'm hoping this becomes a success! It is really needed, as consumers have no information about the security of the IoT products they buy today. thehackernews.com/2025/01/fcc-...

08.01.2025 12:44 👍 0 🔁 0 💬 0 📌 0

Maybe... But I've seen this statement many times. Sadly a lot of "security ppl" are confused regarding cookies vs localStorage.

07.01.2025 21:23 👍 1 🔁 0 💬 0 📌 0

I disagree with "7. Token Handling Negligence". Storing JWT in localStorage is not an anti-pattern and is often a good pattern

07.01.2025 18:04 👍 0 🔁 0 💬 1 📌 0

Security Anti-Patterns in the AI Era Systemic mistakes masquerading as “practical solutions"

New Challenges, New Anti-Patterns

"I can tell you that AI is introducing some of the most fascinating – and terrifying – security challenges. Below are a few emerging anti-patterns you need to know about"

srajangupta.substack.com/p/security-a...

07.01.2025 17:59 👍 1 🔁 0 💬 1 📌 0

WorstFit!

Very impressive research (as always from @orange.tw ) ! worst.fit

11.12.2024 18:58 👍 1 🔁 0 💬 0 📌 0

My latest blog post is live! Check your Ruby on Rails applications for the use of params[:_json]

nastystereo.com/security/rai...

10.12.2024 08:30 👍 34 🔁 14 💬 1 📌 2

saif.google/secure-ai-fr...

06.12.2024 19:04 👍 1 🔁 0 💬 0 📌 0

MGDA-NEW_FEATURES-2024-12-03-23-22-55.json GitHub Gist: instantly share code, notes, and snippets.

New Feature on AWS GuardDuty Findings: Now available: Amazon GuardDuty Extended Threat Detection automatically detects multi-stage attacks sequences. An attack sequence is a critical severity (via @zoph.me )

gist.github.com/z0ph/960e35f...

04.12.2024 06:24 👍 1 🔁 0 💬 0 📌 0

INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million Global police arrest 5,500 suspects, seize $400M, dismantle $1.1B phishing syndicate in INTERPOL-led HAECHI-V.

Pretty big operation!
thehackernews.com/2024/12/inte...

02.12.2024 16:47 👍 0 🔁 0 💬 0 📌 0

x.com

Are we allowed to link to X? I feel a bit ashamed to do it… but it’s such a good thread!

"Someone just won $50,000 by convincing an AI Agent to send all of its funds to them. "

x.com/jarrodwattsd...

02.12.2024 13:42 👍 1 🔁 0 💬 0 📌 0

A Security Threat Model for eBPF
Security information and guidance to large enterprises using or looking to adopt eBPF-based tools (PDF) github.com/ebpffoundati...

02.12.2024 11:50 👍 3 🔁 0 💬 0 📌 0

How to use AWS Resource Control Policies | Wiz Blog Unlock the Power of AWS Resource Control Policies: Enforce Security and Streamline Governance Across Your Organization.

www.wiz.io/blog/how-to-...

28.11.2024 14:54 👍 0 🔁 0 💬 0 📌 0

GitHub - xairy/lights-out: Tools for controlling webcam LED on ThinkPad X230 Tools for controlling webcam LED on ThinkPad X230. Contribute to xairy/lights-out development by creating an account on GitHub.

Malware can turn off webcam LED and record video, demonstrated on ThinkPad X230 github.com/xairy/lights...

28.11.2024 06:12 👍 1 🔁 1 💬 0 📌 0

Cross-Site POST Requests Without a Content-Type Header / nastystereo.com

Nice bypass of CSRF protections that rely on the Content-Type request header being present and then checking the value. "Blob" to the rescue! nastystereo.com/security/cro...

28.11.2024 05:13 👍 2 🔁 0 💬 0 📌 0

Remote Code Execution with Spring Properties Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard time exploiting...

I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!

Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...

26.11.2024 23:57 👍 76 🔁 36 💬 1 📌 2