Abusing Java Remote Protocols in IBM WebSphere: Details on two bugs - one RCE and one Info Disclosure - in the WebSphere application server
๐ฃRedmondSecGnome
๐@malwr
๐ฃRedmondSecGnome
๐@malwr
Zero Day Initiative
Zero Day Initiative โ Abusing Java Remote Protocols in IBM WebSphere
Back in April of this year, a researcher named tint0 submitted two bugs in IBM WebSphere to the ZDI program. One was an information disclosure vulnerability while the other could lead to remote code execution (RCE). This blog covers ZDI-20-689 /CVE-2020โฆ
Sophos XG - A Tale of the Unfortunate Re-engineering of an N-Day and the Lucky Find of a 0-Day
๐ฃ0xniph
๐@malwr
๐ฃ0xniph
๐@malwr
Blogspot
CODE WHITE | Blog: Sophos XG - A Tale of the Unfortunate Re-engineering of an N-Day and the Lucky Find of a 0-Day
On April 25, 2020, Sophos published a knowledge base article (KBA) 135412 which warned about a pre-authenticated SQL injection (SQLi) vulne...
Unpacking Bosch Surveillance Camera Firmware
๐ฃanvilventures
Very nice and detailed guide of what he did, the GitHub tool is a nice touch as well, found it quite an interesting read - now that itโs unpacked can you find vulnerabilities? :)
๐คrathaus
๐@malwr
๐ฃanvilventures
Very nice and detailed guide of what he did, the GitHub tool is a nice touch as well, found it quite an interesting read - now that itโs unpacked can you find vulnerabilities? :)
๐คrathaus
๐@malwr
Anvil Ventures
Unpacking Bosch Surveillance Camera Firmware - Anvil Ventures
While looking for new devices to perform reverse engineering on, I became interested in Boschโs FlexiDome line of cameras, specifically the FlexiDome 7000, a day/night surveillance camera. This blog post demonstrates how I reverse engineered the firmwareโฆ
โค1
Malware News pinned ยซDo you want to share your researches here? Ping me: @SirMalware ๐@malwrยป
New 9.8 CVE for Juniper Junos OS - remote code execution.
ohhhh boy, this a big one.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034
Good luck, teams!
๐ฃsloth_on_meth
๐@malwr
ohhhh boy, this a big one.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034
Good luck, teams!
๐ฃsloth_on_meth
๐@malwr
reddit
New 9.8 CVE for Juniper Junos OS - remote code execution.
ohhhh boy, this a big one. https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034 Good luck, teams!
bddisasm - fast and lightweight cross platform x86/x64 instruction decoder and shellcode emulator (more than 7M instructions decoded per second)
๐ฃbogdannumaprind
๐@malwr
๐ฃbogdannumaprind
๐@malwr
GitHub
GitHub - bitdefender/bddisasm: bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fastโฆ
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior. - bitd...
IoT Digital Forensics Course by R. Jean Costello | A free IoT Forensics course, including hands-on labs
๐ฃLordUlthar
๐@malwr
๐ฃLordUlthar
๐@malwr
GitHub
GitHub - RJC497/IoT-Digital-Forensics-Course: IoT Digital Forensics Course with hands-on labs
IoT Digital Forensics Course with hands-on labs. Contribute to RJC497/IoT-Digital-Forensics-Course development by creating an account on GitHub.
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/
๐ฃdigicat
๐@malwr
https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/
๐ฃdigicat
๐@malwr
Extending the Exploration and Analysis of Windows RPC Methods Calling other Functions with Ghidra ๐, Jupyter Notebooks ๐ and Graphframes ๐!
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
Medium
Extending the Exploration and Analysis of Windows RPC Methods Calling other Functions with Ghidra ๐, Jupyter Notebooks ๐ and Graphframesโฆ
A few weeks ago, I was going over some of the research topics in my to-do list, and the one that sounded interesting to work on during 4thโฆ