
CyberSecurityTechnologies


We have been working for YOU for more than 8 years!!! https://t.me/+9vdG4JOSgY8xMzdi See also: https://t.me/Cognitive_Security https://t.me/CyberSecurityOSINT https://t.me/Wireless_Cybersecurity For All Questions: in messages to the channel


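📈 Analytics overview of the Telegram channel CyberSecurityTechnologies

The CyberSecurityTechnologies channel is an active participant in the English-language segment. The community currently has 35 588 subscribers, ranks 3 813 in the Technology & Applications category, and ranks 1 021 in the United States region.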

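📊 Audience metrics and growth dynamics

Since its creation (date unknown), the project has maintained rapid growth, attracting 35 588 subscribers.

According to the latest data as of 26 June 2026, the channel remains in stable operation. The subscriber count changed by -452 over the past 30 days and by -15 over the past 24 hours; overall reach remains considerable.

  • Verification status: not verified
  • Engagement rate (ER): the average audience engagement rate is 7.30%. Within 24 hours of publication, content typically receives reactions from 2.95% of total subscribers.
  • Post reach: each post averages 2 600 views and typically accumulates 1 049 views on the first day.
  • Interaction and feedback: the audience participates actively, with an average of 11 reactions per post.
  • Topic focus: content centers on core topics such as cve-2025, attack, threat, detection, llm.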

📝 Description and content strategy

The author positions the channel as a platform for expressing subjective opinions:
We have been working for YOU for more than 8 years!!! https://t.me/+9vdG4JOSgY8xMzdi See also: https://t.me/Cognitive_Security https://t.me/CyberSecurityOSINT https://t.me/Wireless_Cybersecurity For All Questions: in messages to the channel

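Thanks to frequent updates (latest data collected on 27 June 2026), the channel stays fresh and maintains high reach. Analysis shows active audience engagement, making it a key point of influence in the Technology & Applications category.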

35 588 subscribers
-15 (24 hours)
-112 (7 days)
-452 (30 days)

Post archive
#Analytics #Threat_Research An analytical review of the main cybersecurity events (June 1-26, 2026)
1⃣ Old Bug, Harder Rules: Exploiting CVE-2023-36802 Without the Usual Shortcuts https://starlabs.sg/blog/2026/06-old-bug-harder-rules-exploiting-cve-2023-36802-without-the-usual-shortcuts // Type confusion bug in Microsoft’s Streaming Service
2⃣ Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503) https://research.jfrog.com/post/dissecting-and-exploiting-linux-lpe-variant-dirtyclone-cve-2026-43503 // CVE-2026-43503 is a workaround for Dirty Frag vulnerability in xfrm-ESP module, which is used to accelerate encryption operations in IPsec using ESP
3⃣ Patch the Planet: a Daybreak initiative to support open source maintainers https://openai.com/index/patch-the-planet
4⃣ StrikeShark malware loader https://securelist.com/strikeshark-campaign/120326 // malware loader used in StrikeShark campaign to deploy Cobalt Strike Beacons via DLL hijacking and encrypted stages
5⃣ NGINX ngx_http_v3_module vulnerability https://my.f5.com/manage/s/article/K000161616 // CVE-2026-42530
6⃣ BOD 26-04: Prioritizing Security Updates Based on Risk
7⃣ AMD will reinstate memory encryption on Ryzen 9000 CPUs through a BIOS update in July
8⃣ libssh2 vulnerabilities https://www.secure-iss.com/newsroom/libssh2-critical-vulnerabilities-rce-dos // Out-of-Bounds Write via Unchecked packet_length in transport.c (CVE-2026-55200, CVE-2026-55199)
9⃣ HallWatch user mode detector https://github.com/Zypherion-Technologies/HallWatch // Usermode detector that catches indirect syscalls. Traps Hell's Hall, Tartarus' Gate, RecycledGate, VEH syscalls & more
🔟 AI SOC Evaluation Framework

#WebApp_Security "What Browsers Do in the Shaders: A Measurement Study of WebGPU Privacy", Jun 2026. // WebGPU lets ordinary web pages run GPU workloads through a validated programming model. Validation protects memory safety, but shared browser, driver, OS, and GPU state can still expose privacy-relevant signals. WGPULens - framework for measuring those signals across controlled scenarios, browser-native co-residency, a participant field study, public page loads, and mitigation policies

#Fuzzing #reversing #Research #Mobile_security "Protocol Prying: Systematic Vulnerability Research in the Apple AirDrop and Android Quick Share Proximity Transfer Protocols", Jun 2026. ]-> artifacts // the first cross-platform reverse engineering and protocol-aware fuzzing study of both stacks

#Kernel_Security When Defenses Become Attack Surface: CVE-2026-20971, a Samsung Kernel UAF https://lucidbitlabs.com/blog/when-defenses-become-attack-surface // Target: Samsung Android Kernel. Affected Devices: Galaxy S9 through Galaxy S25, A-series, Exynos, and Qualcomm devices. Impact: App to Kernel memory corruption. Status: Reported by LucidBit, fixed on Samsung's January 2026 Android security update

#Whitepaper "Capturing the Click: Process-Based Detection of Malicious Link Interactions", Apr. 2026. // Web links remain one of the most reliably abused vectors in phishing attacks. However, defenders continue to depend on network-based monitoring and post-execution detection that activate only after an account has been compromised. This research validates the browser command-line flags used by Chrome, Edge, Firefox as parameters in process-creation events, capturing both the clicked URL and the parent application, document, or script that delivered it

#OpSec #MalDev #Offensive_security Sleeping Beauty: Part 1 - Putting Adaptix to Bed with Crystal Palace Part 2 - CFG, CET, and Stack Spoofing // A tale of relocations, ROP chains, and the quest to make an Adaptix beacon sleep gracefully.. // Disclaimer

#Research #hardening #Cloud_Security "A Comparison of Kubernetes Compliance Standards and Configuration Scanners", Jun 2026. ]-> benchmark for evaluating and comparing Kubernetes security scanners // This research presents a systematic comparison of eight commonly used Kubernetes hardening guidelines

#Space_Security "A Conditional Timing Protection Level: Holdover-Limited Undetected Time Error Under GNSS Spoofing", Jun 2026. ]-> GNSS Dataset Under Jamming, Spoofing, and Meaconing Conditions // the threat is a slow, common-mode pull of served clock time that the receiver's own time-accuracy flag need not reveal

#AppSec #Threat_Research PixelSmash - Critical FFmpeg Vulnerability https://jfrog.com/blog/pixelsmash-critical-ffmpeg-vulnerability-turns-media-files-into-weapons // CVE-2026-8461 - critical vulnerability in FFmpeg's MagicYUV decoder leads to RCE via a crafted media file

#Infosec_Standards NIST SP 800-126r4: "Technical Specification for the Security Content Automation Protocol (SCAP Version 1.4)", June 2026. // The Security Content Automation Protocol (SCAP) is a suite of specifications that standardize the format and nomenclature by which software flaw and security configuration information is communicated, both to machines and humans. This publication, along with its annex (NIST SP 800-126Ar4) and a set of schemas, define the technical composition of SCAP ver.1.4 in terms of its component specifications, their interrelationships and interoperation, and the requirements for SCAP content

#Malware_analysis "macOS Infostealer Exfiltration Techniques via Native Tooling: Behavioral Analysis and Defenses", April 2026. // This paper analyzes macOS infostealers and their reliance on native system utilities. Analysis shows that multiple malware families use the native utility, curl, commonly for exfiltration. Command-line options and arguments vary across malware families, indicating that infostealer exfiltration can be detected and triaged when detections are tailored to find exfiltration activity. This can lead to multiple approaches for security teams when developing detection rules and modeling cyber threats

#Kernel_Security CIFSwitch: a non-universal Linux local root vulnerability https://heyitsas.im/posts/cifswitch // CIFSwitch (CVE-2026-46243) - distro-specific Linux LPE found by harnessing LLMs into better multihop knowledge composition

#Whitepaper #Hardware_Security "USB: Universal Security Breach or Uniquely Secured Bus? Assessing the Effectiveness of Windows 11 Group Policy at Controlling USB Device Installation for Budget-Constrained Security Teams", May 2026. // This study contributes a tiered decision framework for selecting a minimum viable GPO configuration and the novel finding that Windows applies ASCII hexadecimal encoding to certain storage device serial numbers when constructing Device Instance IDs - a behavior with direct implications for allowlist design. Budget-constrained security teams can implement all three tiers using tools already present in Win11 Enterprise, without additional licensing costs or specialized hardware

#NetSec #AppSec
1⃣ Squidbleed (CVE-2026-47729) https://blog.calif.io/p/squidbleed-cve-2026-47729 // Heartbleed-style heap buffer overread in Squid Proxy's FTP parser that leaks internal memory, including HTTP request data, due to a C bug when parsing missing filenames
2⃣ Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE https://karmainsecurity.com/chaining-bugs-in-discuz-from-race-condition-to-rce // A chain of vulns in Discuz! X5.0 enables unauthenticated access to RCE through AI-assisted CAPTCHA bypass, database race conditions, token reuse, and LFI exploits, culminating in persistent OS command execution
3⃣ CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed // Vulnerable: VVX 150, 250, 350, and 450, as well as Trio IP Conference series (Trio 8800, 8500, 8300)

#Malware_analysis
1⃣ Interlock and Rhysida within the ransomware ecosystem https://www.ibm.com/think/x-force/interlock-and-rhysida-within-the-ransonware-ecosystem
2⃣ Preliminary analysis of AUR malware https://ioctl.fail/preliminary-analysis-of-aur-malware
3⃣ Analysis of APT37 NarwhalRAT https://www.genians.co.kr/en/blog/threat_intelligence/narwhalrat

#reversing #cryptography Factoring "short-sleeve" RSA keys with polynomials https://blog.trailofbits.com/2026/06/12/factoring-short-sleeve-rsa-keys-with-polynomials ]-> Checking cryptographic public keys for known vulnerabilities

"Hands-On Ethical Hacking: Tactics Strategies, tools, and techniques for effective cyber defense", 2024.

#tools #Automotive_Security "MIDS: Detecting Stealthy Masquerade and Tampering Attacks on CAN Bus via Bidirectional Mamba", Jun 2026. // MIDS - deep learning-based framework for detecting tampering and injection attacks on the CAN bus. By utilizing Mamba with bidirectional technology and a dual-stream architecture, MIDS effectively captures both local and long-range dependencies in CAN signals, achieving superior performance with an F1-score ranging from 93.70% to 99.61%

#tools #Sec_code_review "LLM-Powered Vulnerability Discovery Through Code Decomposition, Adversarial Verification, and Dynamic Testing", Jun 2026. // OpenAnt - open-source vulnerability discovery system that integrates static program analysis with LLM-based reasoning in a multi-stage pipeline

#Research #MLSecOps "Prioritization of Risks from Artificial Intelligence: A Delphi Study of 272 International Experts", June 2026. ]-> Repo // Data and materials from a three-round Delphi study conducted by the MIT AI Risk Initiative to elicit expert judgments on the prioritisation of AI risks. Over 200 experts assessed 24 AI risk subdomains from the AI Risk Repository taxonomy across three dimensions: vulnerability, responsibility, and severity

CyberSecurityTechnologies - Telegram channel statistics and analytics