AmsiScanBuffer https://github.com/D1rkMtr/AmsiScanBuffer
APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis https://www.intrinsec.com/apt27-analysis/
INTRINSEC
Data leak: in-depth forensic and threat intelligence analysis of the tactics, tools and procedures of an advanced and persistent attack, by the Intrinsec CERT.
Ring0VBA - Getting Ring0 Using a Goddamn Word Document https://disrel.com/posts/Ring0VBA-Getting-Ring0-Using-a-Goddamn-Word-Document/
[angry-FSROP] Bypassing vtable Check in glibc File Structures https://blog.kylebot.net/2022/10/22/angry-FSROP/
kylebot's Blog
Introduction: The story began with a student, @Ramen, asking me about the status of file structure attacks nowadays two days ago. He told me there were no public attacks that grant PC-control solely fro
Racing Cats to the Exit: A Boring Linux Kernel Use-After-Free https://accessvector.net/2022/linux-itimers-uaf
The Logging Dead: Two Event Log Vulnerabilities Haunting Windows https://www.varonis.com/blog/the-logging-dead-two-windows-event-log-vulnerabilities
Varonis
You don’t have to use Internet Explorer for its legacy to have left you vulnerable to LogCrusher and OverLog, a pair of Windows vulnerabilities discovered by the Varonis Threat Labs team.
Legitimate RATs: a comprehensive forensic analysis of the usual suspects https://www.synacktiv.com/publications/legitimate-rats-a-comprehensive-forensic-analysis-of-the-usual-suspects.html
Synacktiv
Chapter 1 — From Gozi to ISFB: The history of a mythical malware family. https://medium.com/csis-techblog/chapter-1-from-gozi-to-isfb-the-history-of-a-mythical-malware-family-82e592577fef
Medium
Illustrating ISFB's journey from its early start, over the leak of Gozi 1, to its recent mutation into LDR4 and its relations to other…
Stranger Strings: An exploitable flaw in SQLite https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
The Trail of Bits Blog
Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022).…
A technical analysis of the leaked LockBit 3.0 builder https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/
TCP/IP Vulnerability CVE-2022-34718 PoC Restoration and Analysis https://medium.com/numen-cyber-labs/analysis-and-summary-of-tcp-ip-protocol-remote-code-execution-vulnerability-cve-2022-34718-8fcc28538acf
Medium
Analysis and Summary of TCP/IP Protocol Remote Code Execution Vulnerability CVE-2022-34718
An Analysis of Remote Code Execution Vulnerability CVE-2022-34718
Control Flow Unflattening https://eybisi.run/Control-Flow-Unflattening/
hedgehog's cave
Target: Recently I have analyzed a RASP solution called Approov. Although there are some novel detection techniques, overall it's not that interesting. Instead I will focus on the obfuscation part of the native
Towards the next generation of XNU memory safety: kalloc_type https://security.apple.com/blog/towards-the-next-generation-of-xnu-memory-safety/
Apple Security Research
Improving software memory safety is a key security objective for engineering teams across the industry. Here we begin a journey into the XNU kernel at the core of iOS and explore the intricate work our engineering teams have done to harden the memory allocator…
LNK file-based Attacks Are on The Rise https://www.docguard.io/lnk-file-based-attacks-are-on-the-rise/
Docguard | Detect malwares in seconds!
Introduction: After Microsoft disabled macros in Microsoft Office, criminals started to look for new techniques to beat security defenses, make malware harder to detect and hide it from security solutions. The LNK attack is one of the powerful …
Hardware Trojans Under a Microscope https://ryancor.medium.com/hardware-trojans-under-a-microscope-bf542acbcc29
Medium
One-Time Programs https://blog.cryptographyengineering.com/2022/10/27/one-time-programs/
A Few Thoughts on Cryptographic Engineering
One of the things I like to do on this blog is write about new research that has a practical angle. Most of the time (I swear) this involves writing about other folks’ research: it’s no…
Great tool: dynamically resolving the System Service Number (syscall number) via offsets from the PEB, with API hashing https://github.com/D1rkMtr/SSN_Resolver/tree/main