ret2ru
LightNews LightNews
ret2moscow.bsky.social
ret2ru
@ret2moscow.bsky.social
10 followers 68 following 0 posts
Weird Machine Mechanic /
Mathematics as hobbies.
Posts Replies Media Videos
Reposted by ret2ru
linkersec.bsky.social
Novel approach to exploit a limited OOB on Ubuntu at Pwn2Own Vancouver 2024

Slides from a talk by Pumpkin Chang about exploiting a stack out-of-bounds write bug in the traffic control subsystem.

u1f383.github.io/slides/talks...
November 27, 2024 at 6:51 PM
Reposted by ret2ru
bleepingcomputer.com
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.
www.bleepingcomputer.com/news/securit...
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.
www.bleepingcomputer.com
November 15, 2024 at 7:40 PM
Reposted by ret2ru
bleepingcomputer.com
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials.
www.bleepingcomputer.com/news/securit...
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials.
www.bleepingcomputer.com
November 18, 2024 at 9:51 PM
Reposted by ret2ru
bleepingcomputer.com
The new 'Helldown' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices.

www.bleepingcomputer.com/news/securit...
Helldown ransomware exploits Zyxel VPN flaw to breach networks
The new 'Helldown' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices.
www.bleepingcomputer.com
November 19, 2024 at 5:25 PM
Reposted by ret2ru
bleepingcomputer.com
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices.

www.bleepingcomputer.com/news/securit...
D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices.
www.bleepingcomputer.com
November 19, 2024 at 6:51 PM