A technical analysis of Pegasus for Android – Part 3 https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-3/
Monitoring and Tuning the Linux Networking Stack: Receiving Data https://blog.packagecloud.io/monitoring-tuning-linux-networking-stack-receiving-data/
blog.packagecloud.io
Monitoring and Tuning the Linux Networking Stack: Receiving Data | Packagecloud Blog
This post guides you through monitoring and tuning the Linux network stack with the focus on receiving data.
Extending Ghidra Part 1: Setting up a Development Environment https://voidstarsec.com/blog/ghidra-dev-environment
VoidStar Security Blog
Extending Ghidra Part 1: Setting up a Development Environment
With this post, I hope to explain how to set up a development environment for the latest Ghidra release on Ubuntu 20.04. After following the steps outlined below, we will have the ability to write, debug and export custom Ghidra plugins, modules, and scripts.
Open-Obfuscator: A free and open-source obfuscator for mobile applications https://www.romainthomas.fr/post/22-10-open-obfuscator/
Romain Thomas
Open-Obfuscator: A free and open-source obfuscator for mobile applications | Romain Thomas
This blog post introduces open-obfuscator, a new open-source project to obfuscate mobile applications.
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation https://securitylabs.datadoghq.com/articles/openssl-november-1-vulnerabilities/
Datadoghq
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation
Learn how the OpenSSL punycode vulnerability (CVE-2022-3602) works, how to detect it, and how it can be exploited.
Operational information regarding CVE-2022-3602 and CVE-2022-3786 (OpenSSL vulns) https://github.com/NCSC-NL/OpenSSL-2022
GitHub
GitHub - NCSC-NL/OpenSSL-2022: Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL…
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3 - NCSC-NL/OpenSSL-2022
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/
360 Netlab Blog - Network Security Research Lab at 360
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
Background
On April 13, 2022, 360Netlab first disclosed the Fodcha botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving "Netlab pls leave me alone I surrender" in…
Golden Certificate https://pentestlab.blog/2021/11/15/golden-certificate/
Penetration Testing Lab
Golden Certificate
Domain persistence techniques enable red teams that have compromised the domain to operate with the highest level of privileges for a long period. One of the most common domain persistence techniqu…
Abusing Windows’ tokens to compromise Active Directory without touching LSASS https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/
Zyxel authentication bypass patch analysis (CVE-2022-0342) https://security.humanativaspa.it/zyxel-authentication-bypass-patch-analysis-cve-2022-0342/
hn security
Zyxel authentication bypass patch analysis (CVE-2022-0342) - hn security
A few months ago, new firmware […]
We sign code now https://blog.trailofbits.com/2022/11/08/sigstore-code-signing-verification-software-supply-chain/
The Trail of Bits Blog
We sign code now
Sigstore announced the general availability of its free and ecosystem-agnostic software signing service two weeks ago, giving developers a way to sign, verify and protect their software projects and the dependencies they rely on. Trail of Bits is absolutely…
[Linux Kernel Exploitation 0x1] Smashing Stack Overflows in the Kernel https://blog.k3170makan.com/2020/11/linux-kernel-exploitation-0x1-smashing.html
K3170Makan
[Linux Kernel Exploitation 0x1] Smashing Stack Overflows in the Kernel
The Android Malware’s Journey: From Google Play to banking fraud https://www.cleafy.com/cleafy-labs/the-android-malwares-journey-from-google-play-to-banking-fraud
Cleafy
The Android Malware’s Journey: From Google Play to banking fraud | Cleafy Labs
The threat intelligence team of Cleafy analyzed the Android Malware Vultur and its journey from Google Play to banking fraud. Read here the technical analysis.
[Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow https://blog.k3170makan.com/2021/01/linux-kernel-exploitation-0x2.html
K3170Makan
[Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow
[Euskalhack V]: Pentest Active Directory Rocks! Part III https://fwhibbit.es/euskalhack-v-pentest-active-directory-rocks-part-iii
fwhibbit.es
[Euskalhack V]: Pentest Active Directory Rocks! Part III
Hello everyone, we continue with the third post of the workshop, in this case with Active Directory enumeration, taking into account…
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild https://unit42.paloaltonetworks.com/cobalt-strike-team-server/
Unit 42
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild
We present new techniques that leverage active probing and network fingerprint technology to help you detect Cobalt Strike’s Team Servers.
Raccoon Stealer – An Insight into Victim “Gates” https://www.team-cymru.com/post/raccoon-stealer-an-insight-into-victim-gates
Team Cymru
Raccoon Stealer – An Insight into Victim “Gates”
Tracking Infostealers with Team Cymru's Botnet Analysis and Reporting Service (BARS)
Raccoon Stealer is one of 40-plus malware families tracked through Team Cymru’s Botnet Analysis and Reporting Service (BARS), a service which underpins our Threat Intelligence…
Nice example of security assessment by Trail of Bits https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html
simplex.chat
Security assessment by Trail of Bits, the new website and v4.2 released
Vulnerabilities in Tenda's W15Ev2 AC1200 Router https://boschko.ca/tenda_ac1200_router/
Boschko Security Blog
Vulnerabilities in Tenda's W15Ev2 AC1200 Router
CVE-2022-40843 CVE-2022-40845 CVE-2022-40847 CVE-2022-40844 CVE-2022-40846 CVE-2022-41395 CVE-2022-41396 CVE-2022-42053 CVE-2022-42058 CVE-2022-42060
Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049) https://breakdev.org/zip-motw-bug-analysis/
BREAKDEV
Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)
A Windows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files that evade Mark-of-the-Web warnings when a user attempts to execute the packaged files, even if the ZIP file was downloaded from the Internet.