REW-sploit v0.3 releases: Dissecting Metasploit Attacks https://securityonline.info/rew-sploit-dissecting-metasploit-attacks/
Cybersecurity News
REW-sploit v0.5.1 releases: Dissecting Metasploit Attacks
Need help analyzing Windows shellcode or attacks coming from Metasploit Framework or Cobalt Strike? REW-sploit is here to help Blue Teams!
Hacking from the Pool: A DEF CON 2021 Retrospective https://dttw.tech/posts/ByGpq5bgt
dttw.tech
Hacking from the Pool: A DEF CON 2021 Retrospective - Down to the Wire
Much like the rest of the world, DEF CON CTF returned this year in a hybrid online/in-person format. For those who wanted it, space was reserved on the game floor to hack amidst the other teams that came to Vegas. For the rest of us who were still a bit nervous…
Breaking the NFC chips in tens of millions of smart phones, and a few PoS systems https://www.pentestpartners.com/security-blog/breaking-the-nfc-chips-in-tens-of-millions-of-smart-phones-and-a-few-pos-systems/
Pen Test Partners
Breaking the NFC chips in tens of millions of smart phones, and a few PoS systems | Pen Test Partners
This second post is a companion to the DEF CON 29 video. Starts at 25:43 here. About a year ago I did some research into adding new capabilities to Samsung’s NFC chips in their smartphones, by bypassing their signature protection and applying code patches.…
assless-chaps: Crack MSCHAPv2 challenge/responses quickly https://securityonline.info/assless-chaps-crack-mschapv2-challenge-responses-quickly/
Cybersecurity News
assless-chaps: Crack MSCHAPv2 challenge/responses quickly
Assless CHAPs is an efficient way to recover the NT hash used in an MSCHAPv2/NTLMv1 exchange if you have the challenge and response.
Defense Evasion Series Part 1 AMSI Bypass https://dazzyddos.github.io/posts/AMSI-Bypass/
Dazzy Ddos
Defense Evasion Series Part 1 AMSI Bypass
Introducing GoKart, a Smarter Go Security Scanner https://www.praetorian.com/blog/introducing-gokart/
Praetorian
Introducing GoKart, a Smarter Go Security Scanner | Praetorian
At Praetorian, we’re committed to promoting and contributing to open source security projects and radically focused on developing technologies to enhance the overall state of cybersecurity. We love when our passions and business commitments overlap so today…
Reverse Engineering the Austrian ID-Card Verification App https://yepoleb.github.io/blog/2021/08/18/reverse-engineering-the-check-at-android-app/
Convert Apple NeuralHash model for CSAM Detection to ONNX https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX
GitHub
GitHub - AsuharietYgvar/AppleNeuralHash2ONNX: Convert Apple NeuralHash model for CSAM Detection to ONNX.
Detecting Embedded Content in OOXML Documents https://www.fireeye.com/blog/threat-research/2021/08/detecting-embedded-content-in-ooxml-documents.html
Dissecting the last version of Conti Ransomware using a step-by-step approach https://cybergeeks.tech/dissecting-the-last-version-of-conti-ransomware-using-a-step-by-step-approach/
Write-up of CVE-2021-30656 https://jsherman212.github.io/CVE-2021-30656/
mobile Audit: performs SAST and Malware Analysis for Android APKs https://securityonline.info/mobile-audit-performs-sast-and-malware-analysis-for-android-apks/
Cybersecurity News
mobile Audit v3.0 releases: performs SAST and Malware Analysis for Android APKs
Mobile Audit - SAST and Malware Analysis for Android Mobile APKs. Django Web application for performing Static Analysis, detecting malware in Android APKs
HID simulation for DRAKVUF https://www.cert.pl/en/posts/2021/08/hid-simulation-for-drakvuf/
cert.pl
HID simulation for DRAKVUF
Guest post by our Google Summer of Code student, Jan Gruber. Project proposal: https://summerofcode.withgoogle.com/projects/#6703931754807296. Overview: My project for GSoC 2021 was to realize an undetectable simulation of human behaviour in the VMI-based sandbox…
Exploiting CVE-2021-21225 and disabling W^X https://tiszka.com/blog/CVE_2021_21225_exploit.html
Report on QNX BadAlloc vulnerability, which affects embedded devices like control systems https://media.defense.gov/2021/Apr/29/2002630479/-1/-1/0/CSA_STOP-MCA-AGAINST-OT_UOO13672321.PDF
Automating security assessments using Cloud Katana https://www.microsoft.com/security/blog/2021/08/19/automating-security-assessments-using-cloud-katana/
Microsoft Security Blog
Automating security assessments using Cloud Katana | Microsoft Security Blog
Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on the top of Azure Functions…
Firmware Supply Chain is Hard(coded) https://www.binarly.io/posts/Firmware_Supply_Chain_is_Hard(coded)/index.html
Understanding Network Access in Windows AppContainers https://googleprojectzero.blogspot.com/2021/08/understanding-network-access-windows-app.html
projectzero.google
Understanding Network Access in Windows AppContainers
Posted by James Forshaw, Project Zero. Recently I've been delving into the inner workings...
Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium
Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities
These vulnerabilities are worse than ProxyLogon, the Exchange vulnerabilities revealed in March.
From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell! https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
Zero Day Initiative
Zero Day Initiative — From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell!
In April 2021, Orange Tsai from DEVCORE Research Team demonstrated a remote code execution vulnerability in Microsoft Exchange during the Pwn2Own Vancouver 2021 contest. In doing so, he earned himself $200,000. Since then, he has disclosed several other…