Jumping the air gap: 15 years of nation‑state effort Security News & Discussion

---

• Jumping the air gap: 15 years of nation‑state effort
• So many SCA tools.. all with different results
• Encryption Does Not Equal Invisibility – Detecting Anomalous TLS Certificates with the Half-Space-Trees Algorithm
• Mobile banking fraud: BRATA strikes again | Cleafy Labs
• Cross-Account Access Vulnerability on AWS SageMaker Jupyter Notebook Instance
• Bypassing Box’s Time-based One-Time Password MFA
• pip-audit: a tool for identifying Python packages with known vulnerabilities
• This shouldn't have happened: A vulnerability postmortem
• Reverse engineering REST APIs/network communication in a process (12 part series)
• An Illustrated Guide to Elliptic Curve Cryptography Validation
• SonarSource's Code Security Advent Calendar starts today!
• Tracking a P2P network related to TA505
• Unpacking and decryption tools for the Emotet malware
• The Re-Emergence of Emotet
• What does APT Activity Look Like on MacOS?

Jumping the air gap: 15 years of nation‑state effort Posted: 02 Dec 2021 10:55 PM PST submitted by /u/0xdea [link] [comments]

So many SCA tools.. all with different results Posted: 02 Dec 2021 09:28 AM PST submitted by /u/Jazzlike-Vegetable69 [link] [comments]

Encryption Does Not Equal Invisibility – Detecting Anomalous TLS Certificates with the Half-Space-Trees Algorithm Posted: 02 Dec 2021 02:01 AM PST submitted by /u/digicat [link] [comments]

Mobile banking fraud: BRATA strikes again | Cleafy Labs Posted: 03 Dec 2021 02:34 AM PST submitted by /u/f3d_0x0 [link] [comments]

Cross-Account Access Vulnerability on AWS SageMaker Jupyter Notebook Instance Posted: 02 Dec 2021 09:10 AM PST submitted by /u/gafnita [link] [comments]

Bypassing Box’s Time-based One-Time Password MFA Posted: 02 Dec 2021 07:27 AM PST submitted by /u/VaronisThreatLabs [link] [comments]

pip-audit: a tool for identifying Python packages with known vulnerabilities Posted: 01 Dec 2021 10:31 AM PST submitted by /u/yossarian_flew_away [link] [comments]

This shouldn't have happened: A vulnerability postmortem Posted: 01 Dec 2021 04:03 PM PST submitted by /u/DrinkMoreCodeMore [link] [comments]

Reverse engineering REST APIs/network communication in a process (12 part series) Posted: 01 Dec 2021 01:08 PM PST submitted by /u/cr0_ [link] [comments]

An Illustrated Guide to Elliptic Curve Cryptography Validation Posted: 30 Nov 2021 10:58 PM PST submitted by /u/Gallus [link] [comments]

SonarSource's Code Security Advent Calendar starts today! Posted: 01 Dec 2021 06:11 AM PST submitted by /u/monoimpact [link] [comments]

Tracking a P2P network related to TA505 Posted: 01 Dec 2021 01:54 AM PST submitted by /u/digicat [link] [comments]

Unpacking and decryption tools for the Emotet malware Posted: 30 Nov 2021 08:36 AM PST submitted by /u/ron_by [link] [comments]

The Re-Emergence of Emotet Posted: 30 Nov 2021 08:35 AM PST submitted by /u/ron_by [link] [comments]

What does APT Activity Look Like on MacOS? Posted: 29 Nov 2021 01:05 PM PST submitted by /u/MiguelHzBz [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States