Aggregator

真相是不是只有一个，可以来问问真实的柯南~

真相是不是只有一个，可以来问问真实的柯南~

How the NCSC is helping public sector organisations to adopt important anti-phishing protocols.

In the previous post we demonstrated how instructions embedded in untrusted data can invoke ChatGPT’s memory tool. The examples we looked at included Uploaded Files, Connected Apps and also the Browsing tool. When it came to the browsing tool we observed that mitigations were put in place and older demo exploits did not work anymore. After chatting with other security researchers, I learned that they had observed the same. However, with some minor prompting tricks mitigations are bypassed and we, again, can demonstrate automatic tool invocation when browsing the Internet with ChatGPT!

CVE-2022-29464 is a critical vulnerability that affected several web service integration products running on many sites.

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

—最近看到去年的BlackHat针对JWT的三种新攻击方式的议题，便想着复现一下学习学习。

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial and cyberespionage objectives.

The post Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks appeared first on Microsoft Security Blog.

Learn how to write Burp Suite extensions using the new Montoya API with Kotlin and Visual Studio Code (VS Code)

The post Writing Burp extensions in Kotlin appeared first on Dana Epp's Blog.

模拟器下稳定安装最新版Magisk方案

“有利于提高社会生产力的方式均是有价值的”想节省一些时间，一直在偷懒的方向上前进。

“有利于提高社会生产力的方式均是有价值的”想节省一些时间，一直在偷懒的方向上前进。