DLL hijacking vulnerabilities in Nirsoft tools https://borncity.com/win/2020/04/16/dll-hijacking-vulnerabilities-in-nirsoft-tools/
Born's Tech and Windows World
The Nirsoft tools are probably known to many Windows users. What is less known: The tools come along with nasty DLL hijacking vulnerabilities and should rather be avoided. The topic has been…
Fingerprinting Windows versions, AV, wireless cards over the network—all without authentication https://www.rumble.run/blog/research-dcerpc/
Rumble Network Discovery
Correctly identifying and categorizing network-connected systems without credentials is a tricky challenge and one of the fun parts of working at Rumble. This process of “fingerprinting” uses thousands of rules, pattern matches, and internal databases to…
EasyAntiCheat Exploit to inject unsigned code into protected processes https://back.engineering/10/08/2021/
Rotten Apples: MacOS Codesigning Translocation Vulnerability https://occamsec.com/rotten-apples-macos-codesigning-translocation-vulnerability/
www.occamsec.com
MacOS Codesigning Translocation Vulnerability - OccamSec
Mistuned Part 1: Client-side XSS to Calculator and More https://blog.chichou.me/2021/08/04/mistuned-part-i/
CodeColorist
Ever since Pointer Authentication Code (PAC) has been introduced, iPhone remained standing for more than two years on various pwn contests until TianfuCup 2020 (Project Zero has reported a remote zero click exploit in 2019). Ant Security and Qihoo 360 used…
Automated Detection of Obfuscated Code https://synthesis.to/2021/08/10/obfuscation_detection.html
Having fun with a Use-After-Free in ProFTPd (CVE-2020-9273) https://adepts.of0x.cc/proftpd-cve-2020-9273-exploit/
Having fun with a Use-After-Free in ProFTPd (CVE-2020-9273) | AdeptsOf0xCC
Development of a PoC for CVE-2020-9273 (Use-After-Free in ProFTPd)
How ransomware happens and how to stop it https://www.cert.govt.nz/it-specialists/guides/how-ransomware-happens-and-how-to-stop-it/
How to Hack APIs in 2021 https://labs.detectify.com/2021/08/10/how-to-hack-apis-in-2021/
Labs Detectify
Detectify Crowdsource is not your average bug bounty platform. It’s an invite-only community of the best ethical hackers who are passionate about securing modern technologies ...
You're Doing IoT RNG https://labs.bishopfox.com/tech-blog/youre-doing-iot-rng
Bishop Fox
You're Doing IoT Security RNG: The Crack in the Foundation of IoT
Learn why hardware random number generators (RNG) used by billions of IoT devices to create encryption keys don't always generate random numbers.
WebLogic CVE-2021-2394 RCE Analysis https://paper.seebug.org/1655/
CVE-2021-2109: Oracle Weblogic/Peoplesoft Malware attack and Analysis https://digitalitskills.com/cve-2021-2109-oracle-weblogic-peoplesoft-malware-attack-and-analysis/
Volatility | Memory Forensics | Malware| DIGITAL IT SKILLS - Skills that matter
Introduction: People working on Oracle stack must have worked on Oracle Weblogic, application server for hosting enterprise applications. Oracle Weblogic is a leading player in the industry and most of the products from Oracle like PeopleSoft, OBIEE use it…
Nice collection of mindmaps >> https://twitter.com/harshbothra_/status/1423914059271868416?s=09
Twitter
Harsh Bothra
All MindMap that I have made so far 1. Forget Password Vulns: xmind.net/m/nZwbdk/ 2. XML Attacks: xmind.net/m/xNEY9b/ 3. 2FA Bypass Techniques: xmind.net/m/8Hkymg/ 4. Android PT Checklist: xmind.net/m/GkgaYH/ (1/2) #AppSec #hacking #bugbountytips #websecurity
Some Musings on Common (eBPF) Linux Tracing Bugs https://research.nccgroup.com/2021/08/06/some-musings-on-common-ebpf-linux-tracing-bugs/
NCC Group Research Blog
Having been in the game of auditing kprobe-based tracers for the past couple of years, and in light of this upcoming DEF CON on eBPF tracer race conditions (which you should go watch) being given b…
Analysis of a Heap Buffer-Overflow Vulnerability in Microsoft Windows Address Book http://blog.exodusintel.com/2021/08/05/analysis-of-a-heap-buffer-overflow-vulnerability-in-microsoft-windows-address-book/
Exodus Intelligence
By Eneko Cruz Elejalde. Overview: This post analyzes a heap-buffer overflow in Microsoft Windows Address Book. Microsoft released an advisory for this vulnerability for the 2021 February patch Tuesday. This post will go into detail about what Microsoft Windows…
From Stranger to DA // Using PetitPotam to NTLM relay to Domain Administrator https://blog.truesec.com/2021/08/05/from-stranger-to-da-using-petitpotam-to-ntlm-relay-to-active-directory/
Microsoft Patched the Issue With Windows Containers That Enabled Siloscape https://unit42.paloaltonetworks.com/windows-container-escape-patch/
Unit 42
Microsoft recently added additional security checks that address the Windows container escape that enabled Siloscape.
Indra — Hackers Behind Recent Attacks on Iran https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/
Check Point Research
Check Point Research reveals that a threat actor named Indra is responsible for the attacks against targets in Iran, as well as against companies in Syria.
Uncovering Tetris – a Full Surveillance Kit Running in your Browser https://imp0rtp3.wordpress.com/2021/08/12/tetris/
imp0rtp3
Executive Summary: A Chinese state-sponsored threat actor is targeting Chinese-speaking opposition through waterholed websites. The campaign uses a modular and custom JS surveillance framework, dubbe…