This (t.me/ckuRED/212) comes as nation state actors are involved in wild exploitation.

Remote Code Execution in Exchange PowerShell Backend.

https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend

Client-side prototype pollution.

https://portswigger.net/web-security/prototype-pollution

Cracking Zeppelin ransomware keys.

https://blog.unit221b.com/dont-read-this-blog/0xdead-zeppelin

Orpheus - Bypasses most Kerberoast Detections (with Modified KDC Options and Encryption Types).

https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/

🔧 An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.

https://github.com/r0oth3x49/ghauri

E-book 📖 / pdf: Top OSINT & Infosec Resources for You and Your Team (2022 Edition): 100+ Blogs, Podcasts, YouTube, Books, and more!

https://www.maltego.com/blog/top-osint-infosec-resources-for-you-and-your-team/

🔧 Tool: Femtobrowser. A really basic web browser written in ~500 lines of V using only the integrated vlib library. It was not designed to be fast or efficient, but rather to be a simple example of how to use the vlib library to create a web browser. Made in few hours to mess around with V.

https://github.com/SheatNoisette/femtobrowser

Guide to Reversing and Exploiting iOS binaries: ARM64 ROP Chains.

https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html

RCE (remote account / vehicle takeover) using CRLF, chained bugs. Interesting thread.

https://twitter.com/samwcyo/status/1597695281881296897

Pwn2own hacking competition Toronto 2022.

S22 Samsung gets owned.

https://hothardware.com/news/hackers-slaughter-samsung-galaxy-s22-first-day-pwn2own-competition

Day 3 of 4: https://youtu.be/VTQfb0Btt_Y

{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF.

https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf

GitHub dorks.

Tool 🔧 OSV-Scanner: Vulnerability Scanner for Open Source.

https://security.googleblog.com/2022/12/announcing-osv-scanner-vulnerability.html

https://github.com/google/osv-scanner

Critical Windows code-execution vulnerability went undetected until now.

https://arstechnica.com/information-technology/2022/12/critical-windows-code-execution-vulnerability-went-undetected-until-now/

● Exclusive - Zero-Day: A critical security vulnerability has been identified in appviewx. It can be used to spoof certificates.

This is not the official def. Will wait for researcher to share details.

Impact of the Zero-Day (mentioned here: https://t.me/ckuRED/231).

Enrollment: An adversary can issue a certificate from the CA and later use that for hosting fake websites that all the clients of that firm under attack will automatically trust.

Revocation: An adversary can bring down any website /application by just getting the public certificate of that application.

Optionally, if you have to plan big, discover all applications, download the public certificate, and at once revoke all.

AMSI Bypass Using CLR Hooking.

https://practicalsecurityanalytics.com/new-amsi-bypass-using-clr-hooking/