HAQ.NEWS

# Daily

// Today, relay attack blocker, a code cracker called De4py, and a neat project reporter, PeCoReT. They found weak spots in Tenda routers and are studying a tricky RedLine Stealer malware. SmuggleFuzz spots sneaky web tricks, and Thinkst’s Tokens catch phishers. Google’s oss-fuzz-gen and Red Team Courses teach about computer safety, while DRAKVUF secretly checks for viruses. Synacktiv helps fight hackers, LEAKEY checks for secret leaks, and mydumbedr and CBMC help test and fix our computer guards. SSHimpanzee, CVE-2023-35636, and JS-Tap are awesome tools to protect our computers. We learn to stop sneaky attacks with OAuth tips, keep our 2FA apps safe, and use ExecIT and PurpleLab to practice protecting our computers! [more...]
 
// Deploy ulexecve to execute ELF binaries in Linux userland for discreet operations. Soroush Dalili offers insightful methods for exploiting IIS Short File Name issues. Learn how custom EDR systems detect malicious activities, as demonstrated by SensePost’s practical example. Use DIFFER by Trail of Bits to spot bugs in modified software. ADOKit targets Azure DevOps Services, offering reconnaissance and escalation capabilities. Stompy adjusts file MAC times, aiding in forensic countermeasures. Analyze Apache OFBiz vulnerabilities to understand authentication bypasses and implement recommended patches. [more...]
 
// Check out BOFHound's new LDAP parsing capabilities and SigFinder's binary authentication signature scanning. Learn how Shielder's analysis of ASUS routers impacts real-world security and explore the use of BOF Launcher for varied programming environments. [more...]
 
// Analyze and understand various cyber techniques including LOLSpoof for hiding commands, KrustyLoader for sneaking backdoors, tools for cracking passwords using GDB, BucketLoot for detecting data leaks, TeleTracker for disrupting Telegram channels, and methods for network control with SSH-botnet. [more...]
 
// Reversing Soviet era computers chips, Awesome GPT Agents, and espionage by Islamic Revolutionary Guard Corps’ are the top three links for me today. [more...]
 
<< 15 of 18 >>

# Recent Podcasts

# Emailz

First HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an rss feed and now folks are requesting emails. Give me your address if you want emails too. Simple single click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tldr; regarding the articles of interest which helps discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by Ai, and converted into something quick and easy to read. But then I started getting requests for features like rss, Gracie got involved, and with the super-power of Ai things have taken on a life of their own.

Sharing

I currently post daily infosec news to x, linkedin, mastodon and rss.

I also post daily infosec podcasts and interviews to apple podcasts and spotify.

Ads

This isn't an Ad.

current friend of haq 2024-04-12

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins

Mastodon