Realtek WiFi Firmware and a Fully 8051-based Keylogger Using RealWOW Technology https://8051enthusiast.github.io/2021/07/05/002-wifi_fun.html
sqlvet: performs static analysis on raw SQL queries https://securityonline.info/sqlvet-performs-static-analysis-on-raw-sql-queries/
Cybersecurity News
sqlvet v1.1.7 releases: performs static analysis on raw SQL queries
Sqlvet performs static analysis on raw SQL queries in your Go codebase to surface potential runtime errors at build time.
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fuzzing-imagemagick-and-digging-deeper-into-cve-2020-27829/
McAfee Blog
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829 | McAfee Blog
Introduction: ImageMagick is a hugely popular open source software that is used in a lot of systems around the world. It is available for the Windows,
TrickBot Botnet Found Deploying A New Ransomware Called Diavol https://thehackernews.com/2021/07/trickbot-botnet-found-deploying-new.html
CVE-2021-20595: Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems https://www.aon.com/cyber-solutions/aon_cyber_labs/cve-2021-20595-unauthenticated-xxe-in-multiple-mitsubishi-electric-air-conditioner-control-systems/
Aon
CVE-2021-20595: Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems | Aon
Aon’s Cyber Solutions discovered a security vulnerability affecting over 20 Mitsubishi Electric Air Conditioner Control Systems leading to information disclosure and/or denial of service via unauthenticated XML External Entity Injection (XXE). For a complete…
Snake Keylogger’s Many Skins: Analysing Code Reuse Among Infostealers https://threatresearch.ext.hp.com/the-many-skins-of-snake-keylogger/
HP Wolf Security
Snake Keylogger's Many Skins: Analysing Code Reuse Among Infostealers | HP Wolf Security
Don’t let cyber threats get the best of you. Read our post, Snake Keylogger's Many Skins: Analysing Code Reuse Among Infostealers, to learn more about cyber threats and cyber security.
Reverse Engineering the M6 Smart Fitness Bracelet https://rbaron.net/blog/2021/07/06/Reverse-engineering-the-M6-smart-fitness-band.html
rbaron.net
Reverse Engineering the M6 Smart Fitness Bracelet
A blog post on hacking the $6 M6 fitness tracker.
Adding a native sniffer to your implants: decomposing and recomposing PktMon https://adepts.of0x.cc/pktmon-dissection/
Adding a native sniffer to your implants: decomposing and recomposing PktMon | AdeptsOf0xCC
Dissecting the PktMon.exe utility and building our own sniffer based on it
Microsoft Teams user enumeration https://www.immunit.ch/blog/2021/07/05/microsoft-teams-user-enumeration/
Hancitor Making Use of Cookies to Prevent URL Scraping https://www.mcafee.com/blogs/other-blogs/mcafee-labs/hancitor-making-use-of-cookies-to-prevent-url-scraping/
McAfee Blog
Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog
This blog was written by Vallabh Chole & Oliver Devane. Over the years, the cybersecurity industry has seen many threats get taken down, such as the
Alan Framework: post-exploitation framework https://securityonline.info/alan-framework-post-exploitation-framework/
good post >> High School Student to InfoSec Pro: An Old College Try https://cradersecurity.com/articles/high-school-to-infosec-pro-part-1/
Crader Security
High School Student to InfoSec Pro: An Old College Try
How to tell if a career in Information Security is right for you. A multi-part series detailing how to land your first position in the security field.
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits https://securityaffairs.co/wordpress/119845/cyber-crime/hacker-zero-day.html
Security Affairs
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits
A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums; he aims to purchase zero-day exploits from other forum members.
LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) https://www.darknet.org.uk/2021/05/libinjection-detect-sql-injection-sqli-and-cross-site-scripting-xss/
Darknet - Hacking Tools, Hacker News & Cyber Security
LibInjection - Detect SQL Injection (SQLi) and XSS
LibInjection is a C library to detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world attacks.
Tracking Cobalt Strike: A Trend Micro Vision One Investigation https://www.trendmicro.com/en_us/research/21/g/tracking_cobalt_strike_a_vision_one_investigation.html
Trend Micro
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Sneaky Malware Reconfigures Hive OS Wallet for Profit https://securehoney.net/blog/sneaky-malware-reconfigures-hive-os-wallet-for-profit.html
Secure Honey
Sneaky Malware Reconfigures Hive OS Wallet for Profit | Secure Honey
I recently observed some malware (uploaded to my honeypot) that targets Hive OS's wallet configuration -- to redirect mined coins to the attacker.
Conti Unpacked | Understanding Ransomware Development As a Response to Detection https://labs.sentinelone.com/conti-unpacked-understanding-ransomware-development-as-a-response-to-detection/
SentinelOne
Conti Unpacked | Understanding Ransomware Development As a Response to Detection - SentinelLabs
Conti's rapid encryption speed is matched only by its rapid evolution. SentinelLabs' deep dive explores its development in unprecedented detail.
PRINTNIGHTMARE NETWORK ANALYSIS https://labs.jumpsec.com/printnightmare-network-analysis/
JUMPSEC Labs
PRINTNIGHTMARE NETWORK ANALYSIS
DNSStager: hide and transfer your payload using DNS https://securityonline.info/dnsstager-hide-and-transfer-your-payload-using-dns/
Cybersecurity News
DNSStager v1.0 releases: hide and transfer your payload using DNS
DNSStager will create a malicious DNS server that handles DNS requests to your domain and returns your payload as a response to specific record requests.
Microsoft's Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability https://thehackernews.com/2021/07/microsofts-emergency-patch-fails-to.html