Internal of the Android kernel backdoor vulnerability https://vul.360.net/archives/263
vul.360.net
Internal of the Android kernel backdoor vulnerability
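Looking back at the history of Android kernel vulnerabilities, most of them are memory-corruption bugs, while logic bugs are comparatively rare. Memory bugs have typical vulnerability patterns, obvious side effects, and fairly mature detection methods, so they are relatively easy to find. Logic bugs, by contrast, have no typical pattern (they are usually tightly bound to the functionality involved), uncertain side effects, and no general-purpose detection method, so finding them is relatively hard. That is exactly what gives logic bugs their unique appeal.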
CVE-2021-26084 Remote Code Execution on Confluence Servers https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
GitHub
writeups/Confluence-RCE.md at main · httpvoid/writeups
Anubis Android Malware Analysis https://0x1c3n.tech/anubis-android-malware-analysis
Nice datasets » DDoS Packet Capture Collection https://github.com/StopDDoS/packet-captures
GitHub
GitHub - StopDDoS/packet-captures: packet captures of real-world ddos attacks
SSH attack analysis tool (by @jaartal) https://inthenite.com/herramienta-de-analisis-de-ataques-ssh/
inthenite.com
SSH attack analysis tool - inthenite.com
I am publishing the tool I used to analyze the attacks received over SSH, so that anyone can review them
macOS XPC Exploitation - Sandbox Share case study https://www.synacktiv.com/publications/macos-xpc-exploitation-sandbox-share-case-study.html
Synacktiv
macOS XPC Exploitation - Sandbox Share case study
Usually we don't do blog posts about CTF challenges but we recently stumbled across a challenge that was a good opportunity to talk about several macOS/iOS internals, security mechanisms and exploit m
Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/
JFrog
Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling
JFrog Security research teams are constantly looking for new and previously unknown vulnerabilities in popular open-source projects to help improve their security posture. As part of this effort, we recently discovered a potentially critical vulnerability…
[Atlassian Confluence CVE-2021–26084]::: The other side of bug report! https://tradahacking.vn/atlassian-confluence-cve-2021-26084-the-other-side-of-bug-bounty-45ed19c814f6
Medium
[Atlassian Confluence CVE-2021–26084]::: The other side of bug report!
tl;dr A pull request for Nuclei template of CVE-2021–26084 turned out to be a leak of our Pre-Auth RCE exploit payload for Atlassian…
Free Automated Malware Analysis Sandboxes and Services https://zeltser.com/automated-malware-analysis/
Lenny Zeltser
Free Automated Malware Analysis Sandboxes and Services
Free hosted malware analysis sandboxes automate the examination of suspicious files, providing capability overviews that help analysts prioritize follow-up work. This curated list includes services like Any.run, Hybrid Analysis, Joe Sandbox, and VirusTotal.
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library https://blog.talosintelligence.com/2021/09/vuln-spotlight-ribbonsoft.html
Cisco Talos Blog
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Lilith >_> of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution.
The dxflib library is a C++ library utilized…
Modern Harnessing Meets In-Memory Fuzzing - PART 1
https://blog.haboob.sa/blog/modern-harnessing-meets-in-memory-fuzzing
VED (Vault Exploit Defense): Protect the Linux kernel https://hardenedvault.net/2021/09/06/ved.html
Ghostscript zero-day allows full server compromises https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/
The Record
Ghostscript zero-day allows full server compromises
Proof-of-concept exploit code was published online over the weekend for an unpatched Ghostscript vulnerability that puts all servers that rely on the component at risk of attacks.
Rudroid - Writing the World's worst Android Emulator in Rust 🦀 https://fuzzing.science/page/rudroid-worlds-worst-android-emulator/
Nice talk from @embyte » "The unfortunate journey of radio-protocol mistakes" https://www.madlab.it/slides/confidence2021_radios.pdf
A deep-dive into the SolarWinds Serv-U SSH vulnerability https://www.microsoft.com/security/blog/2021/09/02/a-deep-dive-into-the-solarwinds-serv-u-ssh-vulnerability/
Microsoft Security Blog
A deep-dive into the SolarWinds Serv-U SSH vulnerability | Microsoft Security Blog
We're sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks.
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers https://www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html