Breaking the NFC chips in tens of millions of smart phones, and a few PoS systems https://www.pentestpartners.com/security-blog/breaking-the-nfc-chips-in-tens-of-millions-of-smart-phones-and-a-few-pos-systems/
Pen Test Partners
This second post is a companion to the DEF CON 29 video. Starts at 25:43 here. About a year ago I did some research into adding new capabilities to Samsung’s NFC chips in their smartphones, by bypassing their signature protection and applying code patches.…
assless-chaps: Crack MSCHAPv2 challenge/responses quickly https://securityonline.info/assless-chaps-crack-mschapv2-challenge-responses-quickly/
Cybersecurity News
Assless CHAPs is an efficient way to recover the NT hash used in an MSCHAPv2/NTLMv1 exchange if you have the challenge and response.
Defense Evasion Series Part 1 AMSI Bypass https://dazzyddos.github.io/posts/AMSI-Bypass/
Dazzy Ddos
Introducing GoKart, a Smarter Go Security Scanner https://www.praetorian.com/blog/introducing-gokart/
Praetorian
At Praetorian, we’re committed to promoting and contributing to open source security projects and radically focused on developing technologies to enhance the overall state of cybersecurity. We love when our passions and business commitments overlap so today…
Reverse Engineering the Austrian ID-Card Verification App https://yepoleb.github.io/blog/2021/08/18/reverse-engineering-the-check-at-android-app/
Convert Apple NeuralHash model for CSAM Detection to ONNX https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX
GitHub
Detecting Embedded Content in OOXML Documents https://www.fireeye.com/blog/threat-research/2021/08/detecting-embedded-content-in-ooxml-documents.html
Dissecting the last version of Conti Ransomware using a step-by-step approach https://cybergeeks.tech/dissecting-the-last-version-of-conti-ransomware-using-a-step-by-step-approach/
Write-up of CVE-2021-30656 https://jsherman212.github.io/CVE-2021-30656/
mobile Audit: performs SAST and Malware Analysis for Android APKs https://securityonline.info/mobile-audit-performs-sast-and-malware-analysis-for-android-apks/
Cybersecurity News
mobile Audit v3.0 releases: performs SAST and Malware Analysis for Android APKs
Mobile Audit - SAST and Malware Analysis for Android Mobile APKs. Django Web application for performing Static Analysis, detecting malware in Android APKs
HID simulation for DRAKVUF https://www.cert.pl/en/posts/2021/08/hid-simulation-for-drakvuf/
cert.pl
Guest post by our Google Summer of Code student, Jan Gruber. Project proposal: https://summerofcode.withgoogle.com/projects/#6703931754807296. Overview: My project for GSoC 2021 was to realize an undetectable simulation of human behaviour in the VMI-based sandbox…
Exploiting CVE-2021-21225 and disabling W^X https://tiszka.com/blog/CVE_2021_21225_exploit.html
Report on QNX BadAlloc vulnerability, which affects embedded devices like control systems https://media.defense.gov/2021/Apr/29/2002630479/-1/-1/0/CSA_STOP-MCA-AGAINST-OT_UOO13672321.PDF
Automating security assessments using Cloud Katana https://www.microsoft.com/security/blog/2021/08/19/automating-security-assessments-using-cloud-katana/
Microsoft Security Blog
Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on the top of Azure Functions…
Firmware Supply Chain is Hard(coded) https://www.binarly.io/posts/Firmware_Supply_Chain_is_Hard(coded)/index.html
Understanding Network Access in Windows AppContainers https://googleprojectzero.blogspot.com/2021/08/understanding-network-access-windows-app.html
projectzero.google
Posted by James Forshaw, Project Zero. Recently I've been delving into the inner workings...
Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium
These vulnerabilities are worse than ProxyLogon, the Exchange vulnerabilities revealed in March.
From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell! https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
Zero Day Initiative
In April 2021, Orange Tsai from DEVCORE Research Team demonstrated a remote code execution vulnerability in Microsoft Exchange during the Pwn2Own Vancouver 2021 contest. In doing so, he earned himself $200,000. Since then, he has disclosed several other…
ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref https://www.zerodayinitiative.com/blog/2021/1/27/zdi-can-12671-windows-kernel-dosprivilege-escalation-via-a-null-pointer-deref
Zero Day Initiative
You can find me on Twitter at @HexKitchen, and follow the team for the latest in exploit techniques and security patches.
ChaosDB: Critical Vulnerability in Microsoft Azure Cosmos DB https://chaosdb.wiz.io/
Wiz
ChaosDB: Unauthorized Privileged Access to Microsoft Azure Cosmos DB
A critical vulnerability in Azure's flagship Cosmos DB service affecting thousands of customers. Mitigation requires customers' manual actions.