Top 10 Web Hacking Techniques of 2022.

https://portswigger.net/research/top-10-web-hacking-techniques-of-2022

A simple script as malware that will turn off the firewall, start an HTTP server, forward its port through 'ngrok' and send the URL of the server through a Telegram bot.

https://github.com/usdchef/malvinci

Privacy-Breach: United States 🇺🇸

The IRS has paid an Israeli 🇮🇱 company! 'Cobwebs Technologies' hundreds of thousands of dollars for an internet investigative tool that allows the IRS to conduct undercover investigations online, according to internal IRS documents obtained by Motherboard.

vice.com/en/article/xgynn4/company-helping-irs-go-undercover-cobwebs-technologies

CVE-2023-21752; allows a basic user to execute arbitrary code on a host to delete files from [a] specified storage path, from Windows Backup and Restore service.

The vulnerability is triggered using the Race Condition between temporary file creation and deletion, which takes place following the authentication process.

https://cloudsek.com/threatintelligence/cve-2023-21752-privilege-escalation-vulnerability-on-windows-backup-service

https://www.infosecurity-magazine.com/news/hackers-exploit-flaw-windows/

Vulnerability write-up - "Dangerous assumptions".

https://www.codean.io/blog/vulnerability-write-up---%22dangerous-assumptions%22

CVE-2022-25664, a vulnerability in the Qualcomm Adreno GPU, can be used to leak large amounts of information to a malicious Android application. Learn more about how the vulnerability can be used to leak information in both the user space and kernel space level of pages, and how the GitHub Security Lab used the kernel space information leak to construct a KASLR bypass.

https://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/

Tool that could notify you when your hacking tools finish running.

Supports
✅ Slack
✅ Discord
✅ Pushover
✅ Email
✅ Teams
✅ Goolge Chat
✅ Custom options


Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

https://github.com/projectdiscovery/notify

Remote Code Execution via Prototype Pollution in Blitz.js.

https://www.sonarsource.com/blog/blitzjs-prototype-pollution/

Microsoft Word Zero-Day (CVE-2023-21716) PoC goes public.

https://qoop.org/publications/cve-2023-21716-rtf-fonttbl.md

https://www.helpnetsecurity.com/2023/03/06/cve-2023-21716-poc/

DataSurgeon: Tool to extract IP's, email addresses, hashes, files, credit cards, social security numbers and more from text.

https://github.com/Drew-Alleman/DataSurgeon

Spying by Mexico’s Armed Forces Brings Fears of a ‘Military State’.

https://www.nytimes.com/2023/03/07/world/americas/mexico-military-surveillance.html

AMSI Bypass New Way 2023.

https://infosecwriteups.com/amsi-bypass-new-way-2023-d506345944e9

CVE-2022-42475 | Zero-Day: Heap overflow in Fortinet's SSLVPN PoC. This PoC has hardcoded valid which change from system to system.

https://github.com/scrt/cve-2022-42475

CVE-2023-23397-POC-Powershell exploit [untested].

https://github.com/api0cradle/CVE-2023-23397-POC-Powershell

■■■■□ Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets.

https://www.bleepingcomputer.com/news/security/google-finds-18-zero-day-vulnerabilities-in-samsung-exynos-chipsets/

Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation.

https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem

aCropalypse vulnerability can recover sensitive information previously removed from Pixel screenshots.

https://www.xda-developers.com/acropalypse-vulnerability/