state of the feature: office message encryption https://musings365.com/2022/09/22/state-of-the-feature-office-message-encryption/
Musings 365
state of the feature: office message encryption
The focus of this article isn’t really the history so much as what can OME in M365 do today, right now, what it cannot do, and some of my most frequent recommendations that I share with custo…
CVE-2022-35256: HTTP Request Smuggling in NodeJS https://feed.prelude.org/p/cve-2022-35256
f33d by Prelude
CVE-2022-35256
HTTP Request Smuggling in NodeJS
Technical Analysis of Crytox Ransomware https://www.zscaler.com/blogs/security-research/technical-analysis-crytox-ransomware
Zscaler
Technical Analysis of Crytox Ransomware | Zscaler Blog
Technical Analysis of Crytox Ransomware: A multi-stage ransomware with a weak key generation algorithm. Read more.
Why you should do printf debugging https://www.timdbg.com/posts/why-you-should-printf/
TimDbg
Why you should do printf debugging
If you know who I am, you might think that this post title is clickbait. Maybe it is, a little. But the truth is, you should do printf debugging! Sometimes. Often not. But sometimes, you should!
Let me explain. When most of us first started programming, we…
AST Injection, Prototype Pollution to RCE https://blog.p6.is/AST-Injection/
From Zero to One Hundred: Demystifying zero trust and its implications on enterprise people, process, and technology https://queue.acm.org/detail.cfm?id=3561799
Windows System Calls For Hunters https://marcoramilli.com/2022/08/23/windows-system-calls-for-hunters/
A technical analysis of Pegasus for Android – Part 2 https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-2/
BumbleBee: Round Two https://thedfirreport.com/2022/09/26/bumblebee-round-two/
The DFIR Report
BumbleBee: Round Two - The DFIR Report
In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates. In this intrusion, we see the threat actor use BumbleBee to…
What is the Windows API? - Beginner Overview https://guidedhacking.com/threads/what-is-the-windows-api-beginner-overview.20021/
The New Era of Hacktivism – State-Mobilized Hacktivism Proliferates to the West and Beyond https://research.checkpoint.com/2022/the-new-era-of-hacktivism/
Check Point Research
The New Era of Hacktivism – State-Mobilized Hacktivism Proliferates to the West and Beyond - Check Point Research
Introduction Until last year, hacktivism has primarily been associated with groups like Anonymous – decentralized and unstructured collectives made up of private individuals with a variety of agendas. Anonymous has launched multiple campaigns against a wide…
Emulate Shellcode with Radare2 https://www.sans.org/blog/emulate-shellcode-radare2/
The difference between signature-based and behavioural detections https://s3cur3th1ssh1t.github.io/Signature_vs_Behaviour/
s3cur3th1ssh1t.github.io
The difference between signature-based and behavioural detections | S3cur3Th1sSh1t
In this blog post, the main difference between signature-based and behavior-based detections is explained. In addition, examples are shown with respective D...
DJVU: The Ransomware That Seems Strangely Familiar…
https://blogs.blackberry.com/en/2022/09/djvu-the-ransomware-that-seems-strangely-familiar
BlackBerry
DJVU: The Ransomware That Seems Strangely Familiar…
DJVU is a new variant of STOP ransomware, boasting multiple layers of obfuscation, which makes it difficult to detect and analyze. This is a constantly evolving ransomware family, making it a prevalent threat to both individuals and enterprises alike.
[0x05] Reversing Shorts :: iOS Kernel Demystified https://www.youtube.com/watch?v=HReVZH9fMcc
YouTube
[0x05] Reversing Shorts :: iOS Kernel Demystified
The XNU kernel is essential to iOS and macOS security. In this video, we'll take a look into Apple's open-source releases as well as free tools to analyze closed-source extensions.
Full playlist of reversing shorts: https://www.youtube.com/playlist?list…
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket) https://itnext.io/a-deep-dive-of-cve-2022-33987-got-allows-a-redirect-to-a-unix-socket-cdeed53944f7
Medium
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
Every week, almost without fail, I come across one thing that confuses, entertains, or most commonly infuriates me. I’ve decided to keep a…
Securing Developer Tools: A New Supply Chain Attack on PHP https://blog.sonarsource.com/securing-developer-tools-a-new-supply-chain-attack-on-php
Sonarsource
Securing Developer Tools: A New Supply Chain Attack on PHP
What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!
Pixel 6 bootloader: Emulation, ROP (part 2) https://eshard.com/posts/pixel6bootloader-2
Writing Burp Suite Extension in Python – Part 2 https://allabouthack.com/writing-burp-suite-extension-in-python-part-2