From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell! https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
Zero Day Initiative
Zero Day Initiative — From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell!
In April 2021, Orange Tsai from DEVCORE Research Team demonstrated a remote code execution vulnerability in Microsoft Exchange during the Pwn2Own Vancouver 2021 contest. In doing so, he earned himself $200,000. Since then, he has disclosed several other…
Integer Overflow to RCE — ManageEngine Asset Explorer Agent (CVE-2021-20082) https://medium.com/tenable-techblog/integer-overflow-to-rce-manageengine-asset-explorer-agent-cve-2021-20082-7e54cb2caad5
Medium
Integer Overflow to RCE — ManageEngine Asset Explorer Agent (CVE-2021-20082)
A couple months back, Chris Lyne and I had a look at ManageEngine ServiceDesk Plus. This product consists of a server / agent model in…
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 2 https://research.nccgroup.com/2021/08/17/cve-2021-31956-exploiting-the-windows-kernel-ntfs-with-wnf-part-2/
CVE-2021-22929 – Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains https://sick.codes/sick-2021-109/
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
CVE-2021-22929 - Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains to ~/.config/BraveSoftware…
Title: CVE-2021-22929 Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains to ~/.config/BraveSoftware/Brave-Browser/tor/data/tor.log. CVE ID: CVE-2021-22929. CVSS Score: 6.1. CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N…
Accellion Kiteworks Vulnerabilities https://insomniasec.com/blog/accellion-kiteworks
Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223 https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223
Atredis Partners
Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223 — Atredis Partners
Note: Sophos fixed this issue in September 2020. Information about patch availability is in their security advisory.
REW-sploit v0.3 releases: Dissecting Metasploit Attacks https://securityonline.info/rew-sploit-dissecting-metasploit-attacks/
Cybersecurity News
REW-sploit v0.5.1 releases: Dissecting Metasploit Attacks
Need help analyzing Windows shellcode or attacks coming from Metasploit Framework or Cobalt Strike? REW-sploit is here to help Blue Teams!
Hacking from the Pool: A DEF CON 2021 Retrospective https://dttw.tech/posts/ByGpq5bgt
dttw.tech
Hacking from the Pool: A DEF CON 2021 Retrospective - Down to the Wire
Much like the rest of the world, DEF CON CTF returned this year in a hybrid online/in-person format. For those who wanted it, space was reserved on the game floor to hack amidst the other teams that came to Vegas. For the rest of us who were still a bit nervous…
Breaking the NFC chips in tens of millions of smart phones, and a few PoS systems https://www.pentestpartners.com/security-blog/breaking-the-nfc-chips-in-tens-of-millions-of-smart-phones-and-a-few-pos-systems/
Pen Test Partners
Breaking the NFC chips in tens of millions of smart phones, and a few PoS systems | Pen Test Partners
This second post is a companion to the DEF CON 29 video. Starts at 25:43 here. About a year ago I did some research into adding new capabilities to Samsung’s NFC chips in their smartphones, by bypassing their signature protection and applying code patches.…
assless-chaps: Crack MSCHAPv2 challenge/responses quickly https://securityonline.info/assless-chaps-crack-mschapv2-challenge-responses-quickly/
Cybersecurity News
assless-chaps: Crack MSCHAPv2 challenge/responses quickly
Assless CHAPs is an efficient way to recover the NT hash used in an MSCHAPv2/NTLMv1 exchange if you have the challenge and response.
Defense Evasion Series Part 1 AMSI Bypass https://dazzyddos.github.io/posts/AMSI-Bypass/
Dazzy Ddos
Defense Evasion Series Part 1 AMSI Bypass
Introducing GoKart, a Smarter Go Security Scanner https://www.praetorian.com/blog/introducing-gokart/
Praetorian
Introducing GoKart, a Smarter Go Security Scanner | Praetorian
At Praetorian, we’re committed to promoting and contributing to open source security projects and radically focused on developing technologies to enhance the overall state of cybersecurity. We love when our passions and business commitments overlap so today…
Reverse Engineering the Austrian ID-Card Verification App https://yepoleb.github.io/blog/2021/08/18/reverse-engineering-the-check-at-android-app/
Convert Apple NeuralHash model for CSAM Detection to ONNX https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX
GitHub
GitHub - AsuharietYgvar/AppleNeuralHash2ONNX: Convert Apple NeuralHash model for CSAM Detection to ONNX.
Detecting Embedded Content in OOXML Documents https://www.fireeye.com/blog/threat-research/2021/08/detecting-embedded-content-in-ooxml-documents.html
Dissecting the last version of Conti Ransomware using a step-by-step approach https://cybergeeks.tech/dissecting-the-last-version-of-conti-ransomware-using-a-step-by-step-approach/
Write-up of CVE-2021-30656 https://jsherman212.github.io/CVE-2021-30656/
mobile Audit: performs SAST and Malware Analysis for Android APKs https://securityonline.info/mobile-audit-performs-sast-and-malware-analysis-for-android-apks/
Cybersecurity News
mobile Audit v3.0 releases: performs SAST and Malware Analysis for Android APKs
Mobile Audit - SAST and Malware Analysis for Android Mobile APKs. Django Web application for performing Static Analysis, detecting malware in Android APKs
HID simulation for DRAKVUF https://www.cert.pl/en/posts/2021/08/hid-simulation-for-drakvuf/
cert.pl
HID simulation for DRAKVUF
Guest post by our Google Summer of Code student, Jan Gruber. Project proposal: https://summerofcode.withgoogle.com/projects/#6703931754807296 Overview: My project for GSoC 2021 was to realize an undetectable simulation of human behaviour in the VMI-based sandbox…
Exploiting CVE-2021-21225 and disabling W^X https://tiszka.com/blog/CVE_2021_21225_exploit.html