📃 "Maps and ransomware: REvil, Acer and a few other things" https://unaaldia.hispasec.com/2021/03/mapas-y-ransomware-revil-acer-y-algunas-cosas-mas.html
📃 "Analysis of the REvil (Sodinokibi) ransomware" https://blog.segu-info.com.ar/2021/03/analisis-de-ransomware-sodinokibi-revil.html
Una al Día
Maps and ransomware: REvil, Acer and a few other things
Acer, one of the latest companies hit by REvil, has been given until 28 March to pay a ransom.
CVE-2021-1079: NVIDIA GeForce Experience (GFE) v.<= 3.21 Arbitrary File Write to EoP Command Execution. https://t.co/mVCyqIqaDH
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop
-> Windows Privilege Escalation from User to Domain Admin 1-day PoC:
https://github.com/antonioCoco/RemotePotato0
SentinelOne
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - SentinelLabs
A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there's no patch in sight.
Parallels Desktop RDPMC Hypercall Interface
and Vulnerabilities (PoC for CVE-2021-31424,
CVE-2021-31427 in UEFI variable services)
https://www.zerodayinitiative.com/blog/2021/4/26/parallels-desktop-rdpmc-hypercall-interface-and-vulnerabilities
Zero Day Initiative
Zero Day Initiative — Parallels Desktop RDPMC Hypercall Interface and Vulnerabilities
Parallels Desktop implements a hypercall interface using an RDPMC instruction (“Read Performance-Monitoring Counter”) for communication between guest and host. More interestingly, this interface is accessible even to an unprivileged guest user. Though the…
#Threat_Research
Exploiting memory corruption vulnerabilities on Android
https://blog.oversecured.com/Exploiting-memory-corruption-vulnerabilities-on-Android
News, Techniques & Guides
Exploiting memory corruption vulnerabilities on Android
In today's blog, we'll discuss memory corruption vulnerabilities in Android apps and how they can be exploited. At the end of the article, we'll show how we found such a vulnerability in PayPal apps and what the result could be.
#exploit
Windows 8.1 IE/Firefox RCE -> Sandbox Escape -> SYSTEM EoP Exploit Chain
https://github.com/forrest-orr/DoubleStar
GitHub
A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques - forrest-orr/DoubleStar
#exploit
CVE-2021-28312:
Windows 10 1809/1909/2004/20H2, Server 2019 - NTFS DoS Vulnerability (PoC)
https://github.com/shubham0d/CVE-2021-28312
GitHub
GitHub - shubham0d/CVE-2021-28312: POC and description for CVE-2021-28312
#Offensive_security
Micro Backdoor for Windows:
Small and convenient C2 tool for Windows targets
https://github.com/Cr4sh/MicroBackdoor
GitHub
GitHub - Cr4sh/MicroBackdoor: Small and convenient C2 tool for Windows targets
ExploitDB just tweeted: [webapps] Microsoft Exchange 2019 - Unauthenticated Email Download https://t.co/tgIWJ60sqw
Exploit Database
Microsoft Exchange 2019 - Unauthenticated Email Download
Microsoft Exchange 2019 - Unauthenticated Email Download. CVE-2021-26855. webapps exploit for Windows platform
Folks, I bring you a script I created for pentesting in Active Directory (AD) environments, to carry out the Samba relay attack in an automated way with the following script that I left on GitHub.
https://github.com/Anonimo501/SambaRelay
Regards.
GitHub
GitHub - Anonimo501/SambaRelay
Hi.
The script has been updated, in case you want to go and take a look at it.
ExploitDB just tweeted: [webapps] Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit) https://t.co/V1DhiHjVzH
Exploit Database
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit). CVE-2021-26855. webapps exploit for Windows platform
ExploitDB just tweeted: [remote] Solaris SunSSH 11.0 x86 - libpam Remote Root (2) https://t.co/lp3DfmUMBv
Exploit Database
Solaris SunSSH 11.0 x86 - libpam Remote Root (2)
Solaris SunSSH 11.0 x86 - libpam Remote Root (2). CVE-2020-14871. remote exploit for Solaris platform
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks https://t.co/Z5gOeQHe7a #Pentesting #ActiveDirectory #Exploit #CyberSecurity #Infosec pic.twitter.com/BAyqQcb4tV
— Ptrace Security GmbH (@ptracesecurity) May 23, 2021
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks | Praetorian
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
New vulnerability affects every Wi-Fi device going back 24 years.
https://unaaldia.hispasec.com/2021/05/nueva-vulnerabilidad-afecta-a-todos-los-dispositivos-wi-fi-desde-hace-24-anos.html
Una al Día
New vulnerability affects every Wi-Fi device going back 24 years.
They relate to the way Wi-Fi handles large amounts of data, and some relate to the Wi-Fi standard itself.
How criminals quickly exploit vulnerabilities
https://blog.segu-info.com.ar/2021/05/como-los-delincuentes-explotan.html
Segu-Info - Cybersecurity since 2000
How criminals quickly exploit vulnerabilities