Hacker News with Generative AI: Security Research

How to find exploits in video games (shalzuth.com)
In this guide, I'll walk you through how I create tools to find exploits in video games for bug bounty programs. Specifically, I'll focus on my research into the game Sword of Convallaria.
Thousands of Linux systems infected by stealthy malware since 2021 (arstechnica.com)
Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurations it can exploit, and the breadth of malicious activities it can perform, researchers reported Thursday.
Network Traffic Analysis of ICMP "Love" Noise Storms (darthnull.org)
Earlier this month, I attended BSidesNoVA in Arlington, where the keynote was Andrew Morris of GreyNoise. Using sensors distributed all over the world, GreyNoise collects…background noise…on the Internet. Basically, they watch and monitor activity that hits lots of hosts randomly – network mapping, port scanning, doorknob rattling. If you see someone trying to break into your SSH server, you can check GreyNoise to see if that person (well, their IP, anyway) has been seen doing such things in the past.
Notes on AWS Nitro Enclaves: Attack Surface (trailofbits.com)
In the race to secure cloud applications, AWS Nitro Enclaves have emerged as a powerful tool for isolating sensitive workloads. But with great power comes great responsibility—and potential security pitfalls. As pioneers in confidential computing security, we at Trail of Bits have scrutinized the attack surface of AWS Nitro Enclaves, uncovering potential bugs that could compromise even these hardened environments.
Notes and Receipts (PCAPs) for TCP and ICMP Noise Storms (github.com/GreyNoise-Intelligence)
0day Contest for End-of-Life Devices Announced (districtcon.org)
The Junkyard is a platform to showcase novel security research and support hobby and career development for security researchers.
Debunking fake stock Pixel OS vulnerability from an EDR company (grapheneos.org)
Black Hat 2024: Secure Shells in Shambles [pdf] (blackhat.com)
The Wild West of Proof of Concept Exploit Code (PoC) (santandersecurityresearch.github.io)
ArcaneDoor – New campaign found targeting network devices (talosintelligence.com)