Phishing Campaigns are Manipulating the Windows Control Panel Extension to Deliver Banking Trojans - Cofense
https://cofense.com/phishing-campaigns-manipulating-windows-control-panel-extension-deliver-banking-trojans/
https://cofense.com/phishing-campaigns-manipulating-windows-control-panel-extension-deliver-banking-trojans/
Cofense
Phishing Campaigns are Manipulating the Windows Control Panel Extension to Deliver Banking Trojans - Cofense
By Aaron Riley and Marcel Feller CISO Summary Recently, CofenseTM has seen phishing campaigns that bypass email security using a .cpl file extension attachment. .CPL is the file name extension for items or icons appearing in the Windows Control Panel. These…
Notes on fuzzing ImageMagick and GraphicsMagick - The Blagoblag
https://alexgaynor.net/2019/feb/05/notes-fuzzing-imagemagick-graphicsmagick/
https://alexgaynor.net/2019/feb/05/notes-fuzzing-imagemagick-graphicsmagick/
Bypass Application Whitelisting using Weak Path Rule
https://www.hackingarticles.in/bypass-application-whitelisting-using-weak-path-rule/
https://www.hackingarticles.in/bypass-application-whitelisting-using-weak-path-rule/
Hacking Articles
Bypass Application Whitelisting using Weak Path Rule
Learn how to bypass application whitelisting security by exploiting weak path rules in Windows environments for penetration testing.
Qealler – a new JAR-based information stealer | Zscaler Blog
https://www.zscaler.com/blogs/research/qealler-new-jar-based-information-stealer
https://www.zscaler.com/blogs/research/qealler-new-jar-based-information-stealer
Zscaler
Qealler – a new JAR-based information stealer
Zscaler ThreatLabZ has observed a rise in the malware's activity, which was detected in the Zscaler Cloud Sandbox. "Qealler" a new piece of malware, is written in Java and designed to silently steal credentials in infected machines. Read more.
Clever Phishing Attack Enlists Google Translate to Spoof Login Page | Threatpost | The first stop for security news
https://threatpost.com/clever-phishing-attack-enlists-google-translate-to-spoof-facebook-login-page/141571/
https://threatpost.com/clever-phishing-attack-enlists-google-translate-to-spoof-facebook-login-page/141571/
Threat Post
Clever Phishing Attack Enlists Google Translate to Spoof Login Page
A tricky two-stage phishing scam is targeting Facebook and Google credentials using a landing page that hides behind Google's translate feature.
[PoC] [CVE-2018-18354] Chrome remote code execution attack chain
Ignore Sandbox , Ignore Applock , Ignore download restriction
combined 3 bugs into logical vulnerability attack chain
https://t.co/IUWnx1mgZM
Ignore Sandbox , Ignore Applock , Ignore download restriction
combined 3 bugs into logical vulnerability attack chain
https://t.co/IUWnx1mgZM
How Android Q improves privacy and permission controls over Android Pie
https://www.xda-developers.com/android-q-privacy-permission-controls/
https://www.xda-developers.com/android-q-privacy-permission-controls/
XDA Developers
How Android Q improves Privacy and Permission Controls over Android Pie
Android Q will bring a revamp to permission management and enhancements to protect user privacy. Here's what Google has changed since Android Pie.
ClusterFuzz, an infrastructure used for fuzzing Chrome and OSS-Fuzz, is open source now! Enjoy responsibly :)
Blog: https://t.co/v6ywgccmRH
Code: https://t.co/lO9ACd7FY8
Blog: https://t.co/v6ywgccmRH
Code: https://t.co/lO9ACd7FY8
Google Open Source Blog
Open sourcing ClusterFuzz
The latest news from Google on open source releases, major projects, events, and student outreach programs.
Remote Code Execution via Path Traversal in the Device Metadata Authoring Wizard
https://posts.specterops.io/remote-code-execution-via-path-traversal-in-the-device-metadata-authoring-wizard-a0d5839fc54f
https://posts.specterops.io/remote-code-execution-via-path-traversal-in-the-device-metadata-authoring-wizard-a0d5839fc54f
Medium
Remote Code Execution via Path Traversal in the Device Metadata Authoring Wizard
Attackers can use the .devicemanifest-ms and .devicemetadata-ms file extensions for phishing if the Windows Driver Kit is installed.
DnsCache. reference example for how to call the Windows API to enumerate cached DNS records in the Windows resolver
https://t.co/YDhPvp9LKU
https://t.co/YDhPvp9LKU
Discovering and Exploiting a Vulnerability in Android’s Personal Dictionary (CVE-2018-9375) | IOActive
https://ioactive.com/discovering-and-exploiting-a-vulnerability-in-androids-personal-dictionary/
https://ioactive.com/discovering-and-exploiting-a-vulnerability-in-androids-personal-dictionary/
Frida 12.3 Debuts New Crash Reporting Feature - NowSecure
https://www.nowsecure.com/blog/2019/02/07/frida-12-3-debuts-new-crash-reporting-feature/
https://www.nowsecure.com/blog/2019/02/07/frida-12-3-debuts-new-crash-reporting-feature/
NowSecure
Frida 12.3 Debuts New Crash Reporting Feature
The Frida 12.3 open-source software dynamic instrumentation toolkit offers an exciting new app crash reporting feature that provides more details about... #Frida #OpenSourceTools #ProductUpdates
A guide to HTTP security headers for better web browser security | Detectify Blog
https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/
https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/
Detectify Blog
A guide to HTTP security headers for better web browser security - Detectify Blog
A guide on different response HTTP-headers that a web server can include in a request in order to prevent XSS attacks, protecting the web browser user.
Evil Twin Attack - The Definitive Guide (Updated 2019)
https://rootsh3ll.com/evil-twin-attack/
https://rootsh3ll.com/evil-twin-attack/
Remote Code Execution - Explaination, Writeups and Tools.
https://medium.com/@ashishrohra/remote-code-execution-explaination-writeups-and-tools-a8e4c3362259
https://medium.com/@ashishrohra/remote-code-execution-explaination-writeups-and-tools-a8e4c3362259
Medium
Introduction
Hey fellow hackers today in this post we will talk about Remote Code Execution, its types and will see some POC’s related to it. All these…
Introduction to IoT Reverse Engineering - with an example on a home router
[SLIDES]
https://t.co/nzrulHpKsg
[SLIDES]
https://t.co/nzrulHpKsg
Making Meterpreter Look Google-Signed (Using MSI & JAR Files)
https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7
https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7
Medium
Making Meterpreter Look Google-Signed (Using MSI & JAR Files)
In this post I’ll use some of the information made public by VirusTotal in a recent blog post and show how you can easily create a…
Remote Code Execution with Groovy console in Jenkins
https://medium.com/@_bl4de/remote-code-execution-with-groovy-console-in-jenkins-bd6ef55c285b
https://medium.com/@_bl4de/remote-code-execution-with-groovy-console-in-jenkins-bd6ef55c285b
Make It Rain with MikroTik – Tenable TechBlog – Medium
https://medium.com/tenable-techblog/make-it-rain-with-mikrotik-c90705459bc6
https://medium.com/tenable-techblog/make-it-rain-with-mikrotik-c90705459bc6
Medium
Make It Rain with MikroTik
Not a Coinhive Writeup
Privilege Escalation in Ubuntu Linux (dirty_sock exploit) | Shenanigans Labs
https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html
https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html
Shenanigans Labs
Privilege Escalation in Ubuntu Linux (dirty_sock exploit)
In January 2019, I discovered a privilege escalation vulnerability in default installations of Ubuntu Linux. This was due to a bug in the snapd API, a default service. Any local user could exploit this vulnerability to obtain immediate root access to the…
Recon-ng Tutorial
Part 1 Install and Setup
https://t.co/6KmMj59yCO
Part 2 Workspaces and Import
https://t.co/kua3VB200g
Part 3 Usage and Reporting
https://t.co/gHBp5lw8KK
Part 1 Install and Setup
https://t.co/6KmMj59yCO
Part 2 Workspaces and Import
https://t.co/kua3VB200g
Part 3 Usage and Reporting
https://t.co/gHBp5lw8KK