DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
BleepingComputer
DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel.
Get Reverse-shell via Windows one-liner
https://www.hackingarticles.in/get-reverse-shell-via-windows-one-liner/
https://www.hackingarticles.in/get-reverse-shell-via-windows-one-liner/
Hacking Articles
Get Reverse-shell via Windows one-liner
This article will help those who play with CTF challenges because today we will discuss “Windows One-Liner” to use malicious commands such as PowerShell or
HOW A 8 LINES OF CODE CAN STEAL YOUR MONEY ! – Vjk – Medium
https://medium.com/@vjkhere/how-a-8-lines-of-code-can-steal-your-money-6eea463eae19
https://medium.com/@vjkhere/how-a-8-lines-of-code-can-steal-your-money-6eea463eae19
Medium
HOW A 8 LINES OF CODE CAN STEAL YOUR MONEY !
This is my very first blog in medium.com . i hope you all will like it !!
An intro to pentesting an Android phone – Thao N. Vo – Medium
https://medium.com/@tnvo/an-intro-to-pentesting-an-android-phone-464ec4860f39
https://medium.com/@tnvo/an-intro-to-pentesting-an-android-phone-464ec4860f39
Medium
Pentesting Android applications by reversing and finding attack surfaces
In this past semester, I was taking a cybersecurity class. Since our awesome professor believe in the concept that we learn by doing and…
Bypass EDR’s memory protection, introduction to hooking
https://medium.com/@fsx30/bypass-edrs-memory-protection-introduction-to-hooking-2efb21acffd6
https://medium.com/@fsx30/bypass-edrs-memory-protection-introduction-to-hooking-2efb21acffd6
Medium
Bypass EDR’s memory protection, introduction to hooking
How to get started with Malware Analysis and Reverse Engineering - 0ffset
https://0ffset.net/miscellaneous/how-to-get-started-with-malware-analysis/
https://0ffset.net/miscellaneous/how-to-get-started-with-malware-analysis/
0ffset Training Solutions | Practical and Affordable Cyber Security Training
How to get started with Malware Analysis | 0ffset Training Solutions
So it's been a while since I last posted anything - I've been extremely busy with exam season coming up, but I had a bit of spare time so I decided to post something. Expect more regular posts over the holidays, and I hope to revamp the website a bit so it…
GitHub - trimstray/technical-whitepapers: Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
https://github.com/trimstray/technical-whitepapers
https://github.com/trimstray/technical-whitepapers
GitHub
GitHub - trimstray/technical-whitepapers: Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse…
Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL. - trimstray/technical-whitepapers
Top 10 Exploit Databases for Finding Vulnerabilities « Null Byte :: WonderHowTo
https://null-byte.wonderhowto.com/how-to/top-10-exploit-databases-for-finding-vulnerabilities-0189314/
https://null-byte.wonderhowto.com/how-to/top-10-exploit-databases-for-finding-vulnerabilities-0189314/
WonderHowTo
Top 10 Exploit Databases for Finding Vulnerabilities
Hundreds of Windows 10, macOS, and Linux vulnerabilities are disclosed every single week, many of which elude mainstream attention. Most users aren't even aware that newly found exploits and vulner...
Linux Privilege Escalation – Using apt-get/apt/dpkg to abuse sudo “NOPASSWD” misconfiguration – Logan S Diomedi – lsdsecurity
https://lsdsecurity.com/2019/01/linux-privilege-escalation-using-apt-get-apt-dpkg-to-abuse-sudo-nopasswd-misconfiguration/
https://lsdsecurity.com/2019/01/linux-privilege-escalation-using-apt-get-apt-dpkg-to-abuse-sudo-nopasswd-misconfiguration/
Black Energy – Analysis – Marcus Edmondson | Malware Analysis | Security Analytics
https://marcusedmondson.com/2019/01/18/black-energy-analysis/
https://marcusedmondson.com/2019/01/18/black-energy-analysis/
Marcus Edmondson | Offensive Security | Information Security
Black Energy – Analysis
So today I wanted to do a blog post on Black Energy. The sample I will be working with was sourced from hybrid analysis here: This particular piece of malware was used to target the networks used t…
Quick demo of the new Javascript injection feature, coming in Evilginx 2.3 - pre-filling the target's email address on Google's sign-in page, during a phishing attack. 2FA bypassed and Google account page fully working, through proxy, after successful authentication. https://t.co/iqAzRpruDd
Twitter
Kuba Gretzky
Quick demo of the new Javascript injection feature, coming in Evilginx 2.3 - pre-filling the target's email address on Google's sign-in page, during a phishing attack. 2FA bypassed and Google account page fully working, through proxy, after successful authentication.…
inputzero: Fuzzing HTTP Server (PDF.js) | Dhiraj Mishra
https://www.inputzero.io/2019/01/fuzzing-http-servers.html
https://www.inputzero.io/2019/01/fuzzing-http-servers.html
www.inputzero.io
Fuzzing HTTP Server (PDF.js)
Fuzzing HTTP Server | Mozilla PDF.js
A More Advanced Recon Automation #1 (Subdomains) – 003Random’s Blog
https://poc-server.com/blog/2019/01/18/advanced-recon-subdomains/
https://poc-server.com/blog/2019/01/18/advanced-recon-subdomains/
An inside look at nation-state cyber surveillance programs
https://blog.lookout.com/shmoocon-2019#.XEeMfNwW1y8.twitter
https://blog.lookout.com/shmoocon-2019#.XEeMfNwW1y8.twitter
Lookout
An inside look at nation-state cyber surveillance programs
On Saturday, January 19, Lookout researchers presented on their latest investigation into nation-state surveillance programs during a session called, “Behind Enemy Lines: Inside the operations of a nation state’s cyber program” at ShmooCon in Washington,…
Exploiting the Magellan bug on 64-bit Chrome Desktop - Exodus Intelligence
https://blog.exodusintel.com/2019/01/22/exploiting-the-magellan-bug-on-64-bit-chrome-desktop/
https://blog.exodusintel.com/2019/01/22/exploiting-the-magellan-bug-on-64-bit-chrome-desktop/
Exodus Intelligence
Exploiting the Magellan bug on 64-bit Chrome Desktop
In this post, we show how to reverse engineer the Magellan bug from the patch and exploit it on a 64bit desktop environment.
Frappé Technologies ERPNext Server Side Template Injection
https://medium.com/bugbountywriteup/frapp%C3%A9-technologies-erpnext-server-side-template-injection-74e1c95ec872
https://medium.com/bugbountywriteup/frapp%C3%A9-technologies-erpnext-server-side-template-injection-74e1c95ec872
Medium
Frappé Technologies ERPNext Server Side Template Injection
A few months ago I was particularly focused on researching vulnerabilities that occurred in Electronic Medical Record web applications…
Microsoft’s Cyber Defense Operations Center shares best practices – MSRC
https://blogs.technet.microsoft.com/msrc/2019/01/23/cdoc-best-practices/
https://blogs.technet.microsoft.com/msrc/2019/01/23/cdoc-best-practices/
Performing variant analysis with QL to find type confusion vulnerabilities in Ghostscript - Blog - LGTM
https://lgtm.com/blog/ghostscript_typeconfusion
https://lgtm.com/blog/ghostscript_typeconfusion
Github
Ghostscript type confusion: Using variant analysis to find vulnerabilities - GitHub Security Lab
This post describes how to perform variant analysis with CodeQL to catch missing type checking in Ghostscript, leading to the discovery of 3 new type confusion vulnerabilities (CVE-2018-19134, CVE-2018-19476, CVE-2018-19477)