New blog post: ORM Leaking More Than You Joined For
www.elttam.com/blog/leaking...
This wraps up our blog post series on the ORM Leak vulnerability class, which also includes Semgrep rules.
Posts by elttam
New blog post: Gotchas in Email Parsing - Lessons From Jakarta Mail, which includes @semgrep.com rules.
www.elttam.com/blog/jakarta...
Alex / @ghostccamm.bsky.social from our team will be presenting at @blackhatevents.bsky.social EU this December on "ORMageddon: Leaking More Than You Joined For"
www.blackhat.com/eu-25/briefi...
New advisory: Beego Method Override Could Bypass Before Filters <=2.3.8
github.com/elttam/publi...
Talkback has had several new features pushed recently, including a new Inbox view for easily keeping up with recent news and publications and MITRE ATT&CK tracking for resources.
talkback.sh
New blog post: New Method to Leverage Unsafe Reflection and Deserialisation and gain RCE on Rails
www.elttam.com/blog/rails-s...
Boot security in the MCU, Daniel & Zoltan Madarassy - BSides Canberra 2024 youtu.be/LXdSVcvhJuI?... #BSidesCbr2024