Forwarded from 卩ro 爪Cracker
ImageMagick Security Policy Evaluator
https://ift.tt/QNghDT3
Submitted January 10, 2023 at 04:52PM by nibblesec
via reddit https://ift.tt/zgW85DB
Doyensec
ImageMagick Security Policy Evaluator
During our audits we occasionally stumble across ImageMagick security policy configuration files (policy.xml), useful for limiting the default behavior and the resources consumed by the library. In the wild, these files often contain a plethora of recommendations…
Forwarded from 卩ro 爪Cracker
An electromagnetic-wave side-channel issue on ARMv8 AES instructions
https://ift.tt/IhmuJPT
Submitted January 10, 2023 at 05:21PM by Gallus
via reddit https://ift.tt/KTE31Sx
Forwarded from 卩ro 爪Cracker
CVE-2022-39073
Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
https://github.com/v0lp3/CVE-2022-39073
#cve #exploit
Forwarded from 卩ro 爪Cracker
DarkWeb ChatGPT PoC
A copy of /User-Pain/ from BreachForums' #ChatGPT Based DNM Script.
https://github.com/D4RK-R4BB1T/DarkWeb_ChatGPT_PoC
🍾2
Forwarded from 卩ro 爪Cracker
Antivirus Evasion: Tearing AMSI down with 3 bytes only
https://ift.tt/kMY4CuL
Submitted January 11, 2023 at 02:51AM by juliocesarfort
via reddit https://ift.tt/LhRMPQj
Blaze Information Security
Antivirus Evasion: Tearing AMSI Down With 3 Bytes Only
This post aims at showcasing one of the many possible techniques for bypassing antivirus solutions through in-memory patching of AMSI instructions.
🏆3
Forwarded from 卩ro 爪Cracker
Taking over a Dead IoT Company
https://ift.tt/2GoPbpf
Submitted January 11, 2023 at 02:38AM by phree_radical
via reddit https://ift.tt/L6GMBgS
Kevin Chung
Taking over a Dead IoT Company
5 years after NYCTrainSign collapsed, I investigate why the company failed and end up writing an exploit to take over their fleet.
👍2
Forwarded from 卩ro 爪Cracker
Cacti: Unauthenticated Remote Code Execution (CVE-2022-46169)
https://ift.tt/BUxzjQ9
Submitted January 11, 2023 at 05:28AM by monoimpact
via reddit https://ift.tt/hcIzBt2
Sonarsource
Cacti: Unauthenticated Remote Code Execution
Learn how we discovered a critical vulnerability in Cacti with the help of SonarCloud.
#Fuzzing
Fuzztruction - prototype of a fuzzer that does not directly mutate inputs but instead uses a so-called generator application to produce an input for our fuzzing target
https://github.com/fuzztruction/fuzztruction#preparing-the-runtime-environment-docker-image
👌1
#exploit
1. CVE-2022-31705:
Geekpwn 2022 Vmware EHCI OOB
https://github.com/s0duku/cve-2022-31705
2. Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section
https://bugs.chromium.org/p/project-zero/issues/detail?id=2391
3. Lexmark Printers/Copiers haxx 0-day Exploit
https://github.com/blasty/lexmark
👌1
BlockScope.pdf
822.1 KB
#Research
"BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects", 2022.
]-> https://github.com/VPRLab/BS_VulnReport
👌1
#Offensive_security
1. Microsoft LAPS(E) in Judgement
https://www.trustedsec.com/blog/a-lapse-in-judgement
2. NonHeavyFTP:
An FTP Server pwn challenge
https://f0cus77.github.io/RWCTF-2023-NonHeavyFTP-writeup
TrustedSec
A LAPS(e) in Judgement
To keep things simple, instead of requiring an administrator to manually set, rotate, and store the local Administrator passwords, LAPS will do this…
👌1
#tools
#Malware_analysis
SEMA - ToolChain using Symbolic Execution for Malware Analysis
https://github.com/csvl/SEMA-ToolChain
👌1
#Threat_Research
1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529
2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security
https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic
3. Navigating the Vast Ocean of Sandbox Evasions
https://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection
Unit 42
Security Issue in JWT Secret Poisoning (Updated)
We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
⚡1
Forwarded from Cyber security intelligent program
🕵️♂️StrongPity espionage campaign targeting Android users
ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based, genuine Shagle site that doesn’t offer an official mobile app to access its services, the copycat site only provides an Android app to download and no web-based streaming is possible.
📡 Very soon the effective and safe AARTOS DDS system for detecting drones will be presented, with protection that is tailored individually to the customer. This marvel will be shown at the Perimeter Protection exhibition from January 17 to 19, 2023.