RME-DisCo @ UNIZAR [www.reversea.me]

@reverseame


Telegram channel of RME, part of the DisCo Research Group of the University of Zaragoza (Spain) focused on cybersecurity aspects. "It’s not that I have something to hide. I have nothing I want you to see"

Link to the channel: https://t.me/reverseame

22 Oct, 18:52


Taking over Train infrastructure in Poland /Traction power substation and lighting systems #TrainInfrastructurePoland #TractionPowerSubstations #LightingSystems #ICSResearch #InfrastructureAttack https://medium.com/@bertinjoseb/taking-over-train-infrastructure-in-poland-traction-power-substation-and-lighting-systems-2948594f259d

22 Oct, 14:48


SSD Advisory – LANCOM LCOS Heap Overflow https://ssd-disclosure.com/ssd-advisory-lancom-lcos-heap-overflow/

22 Oct, 09:44


Linux debugging, profiling and tracing training https://bootlin.com/doc/training/debugging/debugging-slides.pdf

22 Oct, 05:50


CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability #CVE-2024-8190 #IvantiCloudService #CISAKEV #CommandInjection #Horizon3AI https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/

21 Oct, 18:37


Exploiting Microsoft Kernel Applocker Driver (CVE-2024-38041) #MicrosoftKernelCVE #CyberSecurityServices #PatchDiffing #ExploitationProcess #RootCauseAnalysis https://csa.limited/blog/20240916-Exploiting-Microsoft-Kernel-Applocker-Driver.html

21 Oct, 13:45


Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE #Exploit #CVE-2024-8504 #SQLi #RCE #Vulnerabilities https://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/

21 Oct, 09:38


Acquiring Malicious Browser Extension Samples on a Shoestring Budget #acquiringMaliciousExtensions #crypto #cryptanalysis #C2Domains #IOCs https://pberba.github.io/crypto/2024/09/14/malicious-browser-extension-genesis-market/

21 Oct, 05:36


CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation #IvantiEndpointManager #CVE-2023-28324 #DeepDive #InputValidation #Horizon3ai https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-28324-deep-dive/

20 Oct, 11:37


Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey #Microsoft #Windows #MSIInstaller #Repair #SECConsultVulnerability https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/

19 Oct, 11:37


CVR: The Mines of Kakadûm https://bughunters.google.com/blog/6220757425586176/cvr-the-mines-of-kakad-m

18 Oct, 10:10


We analyzed RTVE's geo-blocking implementation and found a vulnerability that allows unauthorized access to restricted content. Do you want to know more? Full story here: https://reversea.me/index.php/when-geolocation-based-media-streaming-blocking-goes-bad/ #WebAppSecurity #VulnAnalysis #RME #Research

18 Oct, 05:40


Why Django’s [DEBUG=True] is a Goldmine for Hackers #DjangoDEBUGTrue #HackersGoldmine #SensitiveDataExposure #PreventExploitation #CybersecurityAwareness https://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d

16 Oct, 18:39


A new TrickMo saga: from Banking Trojan to Victim's Data Leak #TrickMo #AndroidTrojan #DataLeak #Cybersecurity #ThreatActor https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak

16 Oct, 14:39


We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI #RCE #AdminsOfMOBI #WHOISExploitation #InternetSecurity #GlobalSignBreach https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

16 Oct, 09:41


Bytecode Reuse Attack (Part 4) #BytecodeReuse #Exploitation #Security #Android #Mitigations https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/

16 Oct, 06:34


The Security Canary Maturity Model #SecurityCanaryMaturityModel #Tracebit #CanaryDeployment #MaturityLevels #SecurityPrograms https://tracebit.com/blog/the-security-canary-maturity-model

15 Oct, 18:47


Feeld dating app – Your nudes and data were publicly available #FeeldDatingApp #DataBreach #CyberSecurityLondon #Vulnerabilities #PrivacyIssues https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/

15 Oct, 13:47


Bytecode Injection (Part 3) #BytecodeInjection #Exploitation #Android #Java #CommandExecution https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/

15 Oct, 09:40


Decrypting and Replaying VPN Cookies #VPNcookie #reverseengineering #HIPchecks #keyderivation #redteamdefense https://rotarydrone.medium.com/decrypting-and-replaying-vpn-cookies-4a1d8fc7773e

15 Oct, 06:50


(not related to cybersecurity, but worth mentioning :)) Web port of the original Diablo game https://d07riv.github.io/diabloweb/