Pwn2own hacking competition Toronto 2022.

S22 Samsung gets owned.

https://hothardware.com/news/hackers-slaughter-samsung-galaxy-s22-first-day-pwn2own-competition

Day 3 of 4: https://youtu.be/VTQfb0Btt_Y

{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF.

https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf

GitHub dorks.

Tool 🔧 OSV-Scanner: Vulnerability Scanner for Open Source.

https://security.googleblog.com/2022/12/announcing-osv-scanner-vulnerability.html

https://github.com/google/osv-scanner

Critical Windows code-execution vulnerability went undetected until now.

https://arstechnica.com/information-technology/2022/12/critical-windows-code-execution-vulnerability-went-undetected-until-now/

● Exclusive - Zero-Day: A critical security vulnerability has been identified in appviewx. It can be used to spoof certificates.

This is not the official def. Will wait for researcher to share details.

Impact of the Zero-Day (mentioned here: https://t.me/ckuRED/231).

Enrollment: An adversary can issue a certificate from the CA and later use that for hosting fake websites that all the clients of that firm under attack will automatically trust.

Revocation: An adversary can bring down any website /application by just getting the public certificate of that application.

Optionally, if you have to plan big, discover all applications, download the public certificate, and at once revoke all.

AMSI Bypass Using CLR Hooking.

https://practicalsecurityanalytics.com/new-amsi-bypass-using-clr-hooking/

Reverse shell with the XOR encryption for the communication between server/client, but now with C#.

https://twitter.com/zux0x3a/status/1609592330373455872

https://github.com/0xsp-SRD/0xsp.com/tree/main/rev_shell_xor_enc

● Goggle's answer to disinformation.

https://toolbox.google.com/factcheck/explorer

Hermit: Deterministic Linux for Controlled Testing and Software Bug-finding.

https://developers.facebook.com/blog/post/2022/11/22/hermit-deterministic-linux-testing/

⚠️ Zero-Day: Vulnerability in JWT Secret Poisoning (CVE-2022-23529).

https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/

https://nvd.nist.gov/vuln/detail/CVE-2022-23529

Exploiting null-dereferences in the Linux kernel.

https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html

Linux Privilege Escalation: DirtyPipe (CVE 2022-0847).

https://www.codelivly.com/linux-privilege-escalation-dirtypipe/

Top 10 Web Hacking Techniques of 2022.

https://portswigger.net/research/top-10-web-hacking-techniques-of-2022

A simple script as malware that will turn off the firewall, start an HTTP server, forward its port through 'ngrok' and send the URL of the server through a Telegram bot.

https://github.com/usdchef/malvinci

Privacy-Breach: United States 🇺🇸

The IRS has paid an Israeli 🇮🇱 company! 'Cobwebs Technologies' hundreds of thousands of dollars for an internet investigative tool that allows the IRS to conduct undercover investigations online, according to internal IRS documents obtained by Motherboard.

vice.com/en/article/xgynn4/company-helping-irs-go-undercover-cobwebs-technologies

CVE-2023-21752; allows a basic user to execute arbitrary code on a host to delete files from [a] specified storage path, from Windows Backup and Restore service.

The vulnerability is triggered using the Race Condition between temporary file creation and deletion, which takes place following the authentication process.

https://cloudsek.com/threatintelligence/cve-2023-21752-privilege-escalation-vulnerability-on-windows-backup-service

https://www.infosecurity-magazine.com/news/hackers-exploit-flaw-windows/