Forwarded from 卩ro 爪Cracker
An electromagnetic-wave side-channel issue on ARMv8 AES instructions
https://ift.tt/IhmuJPT
Submitted January 10, 2023 at 05:21PM by Gallus
via reddit https://ift.tt/KTE31Sx
Forwarded from 卩ro 爪Cracker
CVE-2022-39073
Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
https://github.com/v0lp3/CVE-2022-39073
#cve #exploit
Forwarded from 卩ro 爪Cracker
DarkWeb ChatGPT PoC
A copy of /User-Pain/ from BreachForums' #ChatGPT Based DNM Script.
https://github.com/D4RK-R4BB1T/DarkWeb_ChatGPT_PoC
Forwarded from 卩ro 爪Cracker
Antivirus Evasion: Tearing AMSI down with 3 bytes only
https://ift.tt/kMY4CuL
Submitted January 11, 2023 at 02:51AM by juliocesarfort
via reddit https://ift.tt/LhRMPQj
Blaze Information Security
Antivirus Evasion: Tearing AMSI Down With 3 Bytes Only
This post aims to showcase one of the many possible techniques for bypassing antivirus solutions through in-memory patching of AMSI instructions.
Forwarded from 卩ro 爪Cracker
Taking over a Dead IoT Company
https://ift.tt/2GoPbpf
Submitted January 11, 2023 at 02:38AM by phree_radical
via reddit https://ift.tt/L6GMBgS
Kevin Chung
Taking over a Dead IoT Company
5 years after NYCTrainSign collapsed, I investigate why the company failed and end up writing an exploit to take over their fleet.
Forwarded from 卩ro 爪Cracker
Cacti: Unauthenticated Remote Code Execution (CVE-2022-46169)
https://ift.tt/BUxzjQ9
Submitted January 11, 2023 at 05:28AM by monoimpact
via reddit https://ift.tt/hcIzBt2
Sonarsource
Cacti: Unauthenticated Remote Code Execution
Learn how we discovered a critical vulnerability in Cacti with the help of SonarCloud.
#Fuzzing
Fuzztruction - prototype of a fuzzer that does not directly mutate inputs but instead uses a so-called generator application to produce an input for our fuzzing target
https://github.com/fuzztruction/fuzztruction#preparing-the-runtime-environment-docker-image
#exploit
1. CVE-2022-31705:
Geekpwn 2022 Vmware EHCI OOB
https://github.com/s0duku/cve-2022-31705
2. Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section
https://bugs.chromium.org/p/project-zero/issues/detail?id=2391
3. Lexmark Printers/Copiers haxx 0-day Exploit
https://github.com/blasty/lexmark
GitHub
GitHub - s0duku/cve-2022-31705: CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC
BlockScope.pdf
822.1 KB
#Research
"BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects", 2022.
]-> https://github.com/VPRLab/BS_VulnReport
#Offensive_security
1. Microsoft LAPS(E) in Judgement
https://www.trustedsec.com/blog/a-lapse-in-judgement
2. NonHeavyFTP:
An FTP Server pwn challenge
https://f0cus77.github.io/RWCTF-2023-NonHeavyFTP-writeup
TrustedSec
A LAPS(e) in Judgement
To keep things simple, instead of requiring an administrator to manually set, rotate, and store the local Administrator passwords, LAPS will do this…
#tools
#Malware_analysis
SEMA - ToolChain using Symbolic Execution for Malware Analysis
https://github.com/csvl/SEMA-ToolChain
#Threat_Research
1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529
2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security
https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic
3. Navigating the Vast Ocean of Sandbox Evasions
https://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection
Unit 42
Security Issue in JWT Secret Poisoning (Updated)
We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
Forwarded from Cyber security intelligent program
🕵️♂️StrongPity espionage campaign targeting Android users
ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based, genuine Shagle site that doesn’t offer an official mobile app to access its services, the copycat site only provides an Android app to download and no web-based streaming is possible.
📡 The effective and safe AARTOS DDS drone detection system will be presented very soon, with protection tailored individually to each customer. This marvel will be shown at the Perimeter Protection exhibition from January 17 to 19, 2023.