
Last Week in Security - 2023-02-21
FortiNAC RCE, NimPlant, LPE via GPO, bypassing Okta MFA, injection with NtQueueApcThreadEx, DKOM attacks on ETW providers, and more!

Last Week in Security - 2023-02-13
Phishing in 2023, SaltStack A-Salt, LocalPotato, install4j XXE, LPE in Avast, learning Semgrep, and more!


ChatGPT: Cyber Impact Assessment
BY DAVID VEALE, Senior Offensive Cyber Operator Introduction On November 30th, 2022, OpenAI seemingly catapulted Artificial Intelligence (AI) and Machine Learning (ML) into mainstream consciousness with the public beta launch of the ChatGPT project. From philosophers to YouTubers, the power of ChatGPT captured the creativity and imagination of millions. Through all the fanfare, cybersecurity professionals saw dangerous opportunities for use and abuse. Used unethically, AI inc

Last Week in Security - 2023-02-06
Pre-Auth RCE in a RoR app, IP phone pwnage, GoAnywhere RCE, Toyota supplier network hack, PipeViewer, reverse socks5, certsync, and more!