Bypassing Wi-Fi Encryption by Manipulating Transmit Queues.
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
China has said in a technological breakthrough; entire electromagnetic spectrum can be analyzed and disabled by the jamming technology.
China Claims Starlink Satellites Now Easy Prey Thanks To ‘Tech Breakthrough’ In Electronic Warfare.
https://www.eurasiantimes.com/china-claims-breakthrough-in-electronic-warfare/amp/
China Claims Starlink Satellites Now Easy Prey Thanks To ‘Tech Breakthrough’ In Electronic Warfare.
https://www.eurasiantimes.com/china-claims-breakthrough-in-electronic-warfare/amp/
EURASIAN TIMES
China Claims Starlink Satellites Now Easy Prey Thanks To 'Tech Breakthrough' In Electronic Warfare
In yet another instance of extraordinary claims emerging from Beijing regarding electronic warfare capabilities, Chinese researchers, for the first time, purportedly have developed seamless, wide-bandwidth, real-time monitoring and analysis of the electromagnetic…
Zero-Day (via CVE-2023-45866): Exploiting Zero-click Android Bluetooth vulnerability to inject keystrokes without pairing.
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
Mobile Hacker
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing Mobile Hacker
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation…
Reverse engineering FOSCAM encryption keys from extracted firmware using Ghidra.
https://hacked.codes/2023/extracting-firmware-reverse-engineering-encryption-keys-foscam/
https://hacked.codes/2023/extracting-firmware-reverse-engineering-encryption-keys-foscam/
hacked.codes
Reverse engineering FOSCAM encryption keys from extracted firmware using Ghidra | hacked.codes
FOSCAM firmware is encrypted with openssl using a salted key. This post will demonstrate how to extract the firmware using an $14 SPI flash programmer, and reverse engineer the decryption keys for the firmware, and RSA keys that ship with the firmware using…
A tool that allegedly bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
https://github.com/Sh3lldon/FullBypass
https://github.com/Sh3lldon/FullBypass
GitHub
GitHub - Sh3lldon/FullBypass: A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language…
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. - Sh3lldon/FullBypass
BurpSuite's chromium browser adds a header as it sends the request across to the server.
Sec-Ua*
● I found it when one website blocked my requests for a normal login (with a 302 redirect to WAF's soft error). This is over a half year old story. Thought of sharing.
● I found it when one website blocked my requests for a normal login (with a 302 redirect to WAF's soft error). This is over a half year old story. Thought of sharing.
HTTP Downgrade attacks with SmuggleFuzz.
https://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html
https://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html
MOOPINGER
HTTP Downgrade attacks with SmuggleFuzz
Place to store my thoughts on all things information-security related. Hopefully you find something of interest. Ramblings are my own. Charlton Smith
com_google_android_apps_bard_1_0_607712083_62_minAPI31nodpi_.apk
2.5 MB
Google's Gemini AI application file (not available globally).
Official source: https://play.google.com/store/apps/details?id=com.google.android.apps.bard
Official source: https://play.google.com/store/apps/details?id=com.google.android.apps.bard
Interesting thread on Azure vulnerability to take over Bing search results.
https://twitter.com/hillai/status/1641146508639600646
https://twitter.com/hillai/status/1641146508639600646
Major cyber-attack on Israel 🇮🇱 by pro-Pslestine hacker groups amid ongoing extermination cum genocide of Muslims ☪️ and Christians ✝️ in Gaza and West-Bank Palestine 🇵🇸 by Israel.
The Eilat power station is pwned and apparently electricity in some areas has been affected by this ICS-SCADA hack.
The Eilat power station is pwned and apparently electricity in some areas has been affected by this ICS-SCADA hack.
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution.
https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution
https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution
Exodus Intelligence
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution - Exodus Intelligence
By Javier Jimenez and Vignesh Rao Overview In this blog post we take a look at a vulnerability that we found in Google Chrome’s V8 JavaScript engine a few months ago. This vulnerability was patched in a Chrome update on 16 January 2024 and assigned CVE-2024…
Malware reverse engineering for beginners.
Part 1: https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/
Part 2: https://intezer.com/blog/incident-response/malware-reverse-engineering-for-beginners-part-2/
Part 1: https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/
Part 2: https://intezer.com/blog/incident-response/malware-reverse-engineering-for-beginners-part-2/
Intezer
Malware Reverse Engineering for Beginners - Part 1: From 0x0
Reverse engineering is an integral part of malware analysis and research - get started learning this advanced skill to investigate malware.
¤ ARM Exploitation - Defeating DEP - executing mprotect()
https://blog.3or.de/arm-exploitation-defeating-dep-executing-mprotect
¤ ARM Exploitation - Defeating DEP - execute system()
https://blog.3or.de/arm-exploitation-defeating-dep-execute-system
¤ ARM Exploitation - Setup and Tools
https://blog.3or.de/arm-exploitation-setup-and-tools
¤ ARM Exploitation: Return oriented Programming (Building ROP Chains)
https://blog.3or.de/arm-exploitation-return-oriented-programming
https://blog.3or.de/arm-exploitation-defeating-dep-executing-mprotect
¤ ARM Exploitation - Defeating DEP - execute system()
https://blog.3or.de/arm-exploitation-defeating-dep-execute-system
¤ ARM Exploitation - Setup and Tools
https://blog.3or.de/arm-exploitation-setup-and-tools
¤ ARM Exploitation: Return oriented Programming (Building ROP Chains)
https://blog.3or.de/arm-exploitation-return-oriented-programming
Zero-Day: A team of researchers from IBM and the VU Amsterdam university in the Netherlands on Tuesday disclosed the details of a new type of data leakage attack impacting all major CPU makers, as well as some widely used software.
https://download.vusec.net/papers/ghostrace_sec24.pdf
https://www.securityweek.com/major-cpu-software-vendors-impacted-by-new-ghostrace-attack
https://download.vusec.net/papers/ghostrace_sec24.pdf
https://www.securityweek.com/major-cpu-software-vendors-impacted-by-new-ghostrace-attack