Penetration Testing

FEBRUARY 24, 2024

Troll-A Troll-A is a command line tool for extracting secrets such as passwords, API keys, and tokens from WARC (Web ARChive) files. Troll-A is an easy-to-use, comprehensive, and fast solution for finding secrets in web archives. Features... The post troll-a: extracting secrets such as passwords, API keys, and tokens from Web ARChive files appeared first on Penetration Testing.

Passwords 138

Passwords Penetration Testing 138

Security Affairs

FEBRUARY 24, 2024

Apple announced the implementation of a post-quantum cryptographic protocol called PQ3 will be integrated into iMessage. Apple announced a new post-quantum cryptographic protocol called PQ3 that will be integrated into the company messaging application iMessage to secure communications against highly sophisticated quantum attacks. Apple said that PQ3 is the first messaging protocol to reach what they call Level 3 security, which is the most secure protocol for messaging apps today.

Encryption 125

Encryption Authentication Hacking Accountability 125

Bleeping Computer

FEBRUARY 24, 2024

Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks. [.

Encryption 118

Encryption Software 118

Security Affairs

FEBRUARY 24, 2024

A Russian national (49) was charged with a cyberattack on a local power plant that caused a widespread blackout. The news agency TASS reported that a Russian national (49) is set to face trial on charges of carrying out a cyberattack on a local power plant that left 38 villages in the Vologda region in the dark. The attack took place one year ago, the man faces up to eight years in prison.

Hacking 113

Hacking Government Technology Cybercrime 113

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

The Hacker News

FEBRUARY 24, 2024

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light.

Accountability 100

Accountability 100

WIRED Threat Level

FEBRUARY 24, 2024

A student investigation at the University of Waterloo uncovered a system that scanned countless undergrads without consent.

118

118

WIRED Threat Level

FEBRUARY 24, 2024

Plus: Scammers try to dupe Apple with 5,000 fake iPhones, Avast gets fined for selling browsing data, and researchers figure out how to clone fingerprints from your phone screen.

Hacking 93

Hacking 93

Security Boulevard

FEBRUARY 24, 2024

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. The post USENIX Security ’23 – Dawei Wang, Ying Li, Zhiyu Zhang, Kai Chen – CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing appeared first on Security Boulevard.

62

62

Penetration Testing

FEBRUARY 24, 2024

UAC-BOF-Bonanza This repository serves as a collection of public UAC bypass techniques that have been weaponized as BOFs. A single module that integrates all techniques has been provided to use the BOFs via the... The post UAC-BOF-Bonanza: Collection of UAC Bypass Techniques Weaponized as BOFs appeared first on Penetration Testing.

Penetration Testing 105

Penetration Testing 105