From linen to silk – Using Microsoft Service Fabric to elevate privileges
#netspi
The NetSPI Agents discovered a local privilege escalation path in Microsoft Service Fabric Runtime. Learn how the vulnerability was discovered and exploited.
via NetSPI Technical Blog (author: James Williams)
#netspi
The NetSPI Agents discovered a local privilege escalation path in Microsoft Service Fabric Runtime. Learn how the vulnerability was discovered and exploited.
via NetSPI Technical Blog (author: James Williams)
Prototype Pollution: A Deep-Dive
#netspi
Learn about Prototype Pollution – what it is, why it exists, and real examples of how it can be exploited.
via NetSPI Technical Blog (author: Rob Jepson)
#netspi
Learn about Prototype Pollution – what it is, why it exists, and real examples of how it can be exploited.
via NetSPI Technical Blog (author: Rob Jepson)
Fickle PDFs: exploiting browser rendering discrepancies
#portswigger
Imagine the CEO of a random company receives an email containing a PDF invoice file. In Safari and MacOS Preview, the total price displayed is £399. After approval, the invoice is sent to the accounti
via PortSwigger Research
#portswigger
Imagine the CEO of a random company receives an email containing a PDF invoice file. In Safari and MacOS Preview, the total price displayed is £399. After approval, the invoice is sent to the accounti
via PortSwigger Research
HackingDave’s Rule of Five
#trustedsec
Buckle up! This is a different type of blog that isn’t our normally scheduled technical prowess or superhuman talents we have here at TrustedSec. Each month, I have the privilege of hosting a meeting with new employees…
via TrustedSec Blog (author: David Kennedy)
#trustedsec
Buckle up! This is a different type of blog that isn’t our normally scheduled technical prowess or superhuman talents we have here at TrustedSec. Each month, I have the privilege of hosting a meeting with new employees…
via TrustedSec Blog (author: David Kennedy)
GitHub Actions exploitation: repo jacking and environment manipulation
#synacktiv
via Synacktiv Blog (author: Hugo Vincent)
#synacktiv
via Synacktiv Blog (author: Hugo Vincent)
dirDevil: Hiding Code and Content Within Folder Structures
#trustedsec
<p>Welcome back to another round of "Hiding in Plain Sight," exploring weird places to stash data or payloads. In our last edition, we explored an easy method of encoding a payload into RGB values of a PNG file and hosting…</p>
via TrustedSec Blog (author: @ nyxgeek)
#trustedsec
<p>Welcome back to another round of "Hiding in Plain Sight," exploring weird places to stash data or payloads. In our last edition, we explored an easy method of encoding a payload into RGB values of a PNG file and hosting…</p>
via TrustedSec Blog (author: @ nyxgeek)
This Meeting Should Have Been an Email
#objectivesee
A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app. Let's analyze it comprehensively.
via Objective-See Blog
#objectivesee
A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app. Let's analyze it comprehensively.
via Objective-See Blog
Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks
#trustedsec
<p>This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary…</p>
via TrustedSec Blog (author: John Dwyer)
#trustedsec
<p>This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary…</p>
via TrustedSec Blog (author: John Dwyer)
Cobalt Strike 4.10: Through the BeaconGate
#cobaltstrike
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...]
via Cobalt Strike Blog (author: William Burgess)
#cobaltstrike
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...]
via Cobalt Strike Blog (author: William Burgess)
The Security Principle Every Attacker Needs to Follow
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
What is Your Compliance Kryptonite?
#trustedsec
Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked some of our InfoSec auditors to share their Kryptonite. Their…
via TrustedSec Blog (author: Steve Maxwell)
#trustedsec
Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked some of our InfoSec auditors to share their Kryptonite. Their…
via TrustedSec Blog (author: Steve Maxwell)
Advenutures in Shellcode Obfuscation! Part 5: Base64
#redsiege
by Mike Saunders, Principal Consultant This blog is the fifth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series here. […]
via RedSiege Blog (author: Red Siege)
#redsiege
by Mike Saunders, Principal Consultant This blog is the fifth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series here. […]
via RedSiege Blog (author: Red Siege)
Shellcode: Modular Exponentiation for Diffie-Hellman Key Exchange.
#odzhan
Table Of Contents Introduction Symmetric vs Asymmetric Encryption with RSA Digital Signatures with RSA History Diffie-Hellman Key Exchange Crypto API Binary Exponentiation Methods Arbitrary-precision Arithmetic Addition Subtraction Multiplication Division Exponentiation Modular Multiplicative Inverse Modular Addition Modular Multiplication Modular Exponentiation Counting …
via modexp Blog (author: odzhan)
#odzhan
Table Of Contents Introduction Symmetric vs Asymmetric Encryption with RSA Digital Signatures with RSA History Diffie-Hellman Key Exchange Crypto API Binary Exponentiation Methods Arbitrary-precision Arithmetic Addition Subtraction Multiplication Division Exponentiation Modular Multiplicative Inverse Modular Addition Modular Multiplication Modular Exponentiation Counting …
via modexp Blog (author: odzhan)
🔥1
The Security Principle Every Attacker Needs to Follow
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
#specterops
via SpecterOps Team Medium (author: Elad Shamir)
Medium
The Security Principle Every Attacker Needs to Follow
Earlier this year, I was tasked with developing a follow-on course for our renowned Adversary Tactics: Red Team Operations course. The new…
Adventures in Shellcode Obfuscation! Part 6: Two Array Method
#redsiege
by Mike Saunders, Principal Security Consultant This blog is the sixth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]
via RedSiege Blog (author: Red Siege)
#redsiege
by Mike Saunders, Principal Security Consultant This blog is the sixth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]
via RedSiege Blog (author: Red Siege)
Injecting Java in-memory payloads for post-exploitation
#synacktiv
via Synacktiv Blog (author: Clement Amic)
#synacktiv
via Synacktiv Blog (author: Clement Amic)