Implementing a Zero Trust strategy after compromise recovery https://www.microsoft.com/security/blog/2022/09/14/implementing-a-zero-trust-strategy-after-compromise-recovery/
After a compromise recovery, we follow a plan for moving forward to get up-to-date with security posture all over the environment.
Malicious OAuth applications abuse cloud email services to spread spam https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities https://onekey.com/blog/security-advisory-netgear-routers-funjsq-vulnerabilities/
Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems.
AST Injection, Prototype Pollution to RCE https://blog.p6.is/AST-Injection/
Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
Interesting paper from ACM CCS'22 » "Jit-Picking: Differential Fuzzing of JavaScript Engines" https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf
Jumping NAT to Shut Down Electric Devices https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices
Bypassing NAT to Attack Dataprobe iBoot-PDUs
Team82 discloses details on vulnerabilities in Dataprobe iBoot-PDUs that expose power distribution units to remote code execution.
Giving JuicyPotato a second chance: JuicyPotatoNG https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
Well, it’s been a long time since our beloved JuicyPotato was published. Meanwhile, things changed and got fixed (backported also to Win10 1803/Server2016) leading to the glorious end …
Good diagrams about how Apple Pay and Google Pay work » https://twitter.com/alexxubyte/status/1572614943811440642
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/
Innovative Evasion Techniques in Roshtyak
A technical analysis of the leaked LockBit 3.0 builder https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/
state of the feature: office message encryption https://musings365.com/2022/09/22/state-of-the-feature-office-message-encryption/
The focus of this article isn’t really the history so much as what can OME in M365 do today, right now, what it cannot do, and some of my most frequent recommendations that I share with custo…
CVE-2022-35256: HTTP Request Smuggling in NodeJS https://feed.prelude.org/p/cve-2022-35256
Technical Analysis of Crytox Ransomware https://www.zscaler.com/blogs/security-research/technical-analysis-crytox-ransomware
A multi-stage ransomware with a weak key generation algorithm.
Why you should do printf debugging https://www.timdbg.com/posts/why-you-should-printf/
If you know who I am, you might think that this post title is clickbait. Maybe it is, a little. But the truth is, you should do printf debugging! Sometimes. Often not. But sometimes, you should!
Let me explain. When most of us first started programming, we…
From Zero to One Hundred: Demystifying zero trust and its implications on enterprise people, process, and technology https://queue.acm.org/detail.cfm?id=3561799
Windows System Calls For Hunters https://marcoramilli.com/2022/08/23/windows-system-calls-for-hunters/
A technical analysis of Pegasus for Android – Part 2 https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-2/