🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Cyber Security News SmuggleShield - Browser Extension to Detect HTML Smuggling Attacks Source: gbhackers.com/smuggleshield-… SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling

🚀 Exciting news! 🚀 Join us for the Null Dubai chapter Monthly Meet on Jan 11, 2025, at the Microsoft UAE venue. 🔒 Get ready for an electrifying lineup of talks that will keep you on the edge of your seat! null - The Open Security Community Register : null.community/events/1092-du…

Is your Electron app secure? In Part 1 of our series, #CobaltCore member Dhiraj Mishra breaks down common Electron app misconfigurations and shares practical tips to secure them. Read now: hubs.la/Q033188c0 #Cybersecurity #AppSecurity #ElectronApps #Pentesting

I wrote a blog on "Hunting Common Misconfigurations in Electron Apps - Part 1" (Cobalt) cobalt.io/blog/common-mi… #infosec

GitHub - RootUp/SmuggleShield: Protection against HTML smuggling attempts. (ML) dlvr.it/THjWVw #cyber #threathunting #infosec

I have updated the pattern in SmuggleShield that blocks Shuckworm html-smuggling referenced from (broadcom.com/support/securi…) GH - github.com/RootUp/Smuggle… #infosec #blueteam #ThreatProtection

Still not sure what I have been developing so far? "SmuggleShield" is a browser extension which helps preventing HTML smuggling attacks. I created the below podcast which you can listen and understand the working flow. open.spotify.com/episode/2c7MQV… #infosec #redteam #blueteam

Thank you Insomni'hack I had fun delivering the talk last week, such a great audience. I talked about my research named SVG smuggling and the open-source tool "SmuggleShield". (github.com/RootUp/Smuggle…) #infosec

Great research here this technique leverages Rust’s capabilities to compile to WASM for HTML smuggling (lrqa.com/en/cyber-labs/…) - Next Level Smuggling with WebAssembly. However, my extension "SmuggleShield" prevents such crafted file by default. #infosec #redteam #blueteam

I'll be at Black Hat Asia presenting my tool "SmuggleShield", do visit my station if you are around. #infosec

Just learned a neat way of hiding file within favicon (.ico). You can manipulate the dual directory entry structure and smuggle any file type in it. Here is a quick raw script I put together for testing.(github.com/RootUp/Persona…) #infosec #redteam

Never trust a favicon at face value. 👀 Dhiraj demonstrates how attackers can hide malicious files inside .ico icons by exploiting their dual directory structure — allowing payloads to slip past filters in a stealth move similar to HTML smuggling.

Stoked! Our (Suraj) work on SVG Smuggling is now part of MITRE ATT&CK (T1027.017)! attack.mitre.org/techniques/T10… #infosec #redteam

The next update for the Offensive Phishing Operations course will be heavily focused on HTML Smuggling and will be going up against Dhiraj's awesome SmuggleShield. We'll also be demonstrating a module that combines anti-bot capabilities with HTML smuggling. More info:

Offensive Phishing Operations Update 2 Released: maldevacademy.com/phishing-cours… - HTML Smuggling Strategies - Analyzing and Evading SmuggleShield (S/O Dhiraj) - Integrating Anti-Bot With HTML Smuggling - SVG Smuggling - WebAssembly Smuggling

Alright! I'll be presenting my tool "SmuggleShield" at BlackHat USA, see you there if you are around.(github.com/RootUp/Smuggle…) #infosec #redteam #blueteam

We (Zubin) are currently running 10% discount on our fuzzing course for DEFCON use the below link to register your interest in our two-day training program. Discount link: training.defcon.org/discount/DCTLV… #infosec #fuzzing #defcon

I wrote a blog on Medium, "Brewing Trouble - Dissecting a macOS Malware Campaign". medium.com/deriv-tech/bre… #infosec #redteam