Golden Certificate https://pentestlab.blog/2021/11/15/golden-certificate/
Penetration Testing Lab
Domain persistence techniques enable red teams that have compromised the domain to operate with the highest level of privileges for a long period. One of the most common domain persistence techniqu…
Abusing Windows’ tokens to compromise Active Directory without touching LSASS https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/
Zyxel authentication bypass patch analysis (CVE-2022-0342) https://security.humanativaspa.it/zyxel-authentication-bypass-patch-analysis-cve-2022-0342/
hn security
Zyxel authentication bypass patch analysis (CVE-2022-0342) - hn security
A few months ago, new firmware […]
We sign code now https://blog.trailofbits.com/2022/11/08/sigstore-code-signing-verification-software-supply-chain/
The Trail of Bits Blog
Sigstore announced the general availability of its free and ecosystem-agnostic software signing service two weeks ago, giving developers a way to sign, verify and protect their software projects and the dependencies they rely on. Trail of Bits is absolutely…
[Linux Kernel Exploitation 0x1] Smashing Stack Overflows in the Kernel https://blog.k3170makan.com/2020/11/linux-kernel-exploitation-0x1-smashing.html
K3170Makan
The Android Malware’s Journey: From Google Play to banking fraud https://www.cleafy.com/cleafy-labs/the-android-malwares-journey-from-google-play-to-banking-fraud
Cleafy
The Android Malware’s Journey: From Google Play to banking fraud | Cleafy Labs
The threat intelligence team of Cleafy analyzed the Android Malware Vultur and its journey from Google Play to banking fraud. Read here the technical analysis.
[Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow https://blog.k3170makan.com/2021/01/linux-kernel-exploitation-0x2.html
K3170Makan
[Euskalhack V]: Pentest Active Directory Rocks! Part III https://fwhibbit.es/euskalhack-v-pentest-active-directory-rocks-part-iii
fwhibbit.es
Hello everyone. We continue with the third post of the workshop, in this case with Active Directory enumeration, taking into account…
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild https://unit42.paloaltonetworks.com/cobalt-strike-team-server/
Unit 42
We present new techniques that leverage active probing and network fingerprint technology to help you detect Cobalt Strike’s Team Servers.
Raccoon Stealer – An Insight into Victim “Gates” https://www.team-cymru.com/post/raccoon-stealer-an-insight-into-victim-gates
Team Cymru
Tracking Infostealers with Team Cymru's Botnet Analysis and Reporting Service (BARS) Raccoon Stealer is one of 40-plus malware families tracked through Team Cymru’s Botnet Analysis and Reporting Service (BARS), a service which underpins our Threat Intelligence…
Nice example of security assessment by Trail of Bits https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html
simplex.chat
Security assessment by Trail of Bits, the new website and v4.2 released
Vulnerabilities in Tenda's W15Ev2 AC1200 Router https://boschko.ca/tenda_ac1200_router/
Boschko Security Blog
CVE-2022-40843 CVE-2022-40845 CVE-2022-40847 CVE-2022-40844 CVE-2022-40846 CVE-2022-41395 CVE-2022-41396 CVE-2022-42053 CVE-2022-42058 CVE-2022-42060
Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049) https://breakdev.org/zip-motw-bug-analysis/
BREAKDEV
A Windows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files that evade the warnings normally shown when packaged files are executed, even if the ZIP file was downloaded from the Internet.
Why is Rosetta 2 fast? https://dougallj.wordpress.com/2022/11/09/why-is-rosetta-2-fast/
dougallj
Rosetta 2 is remarkably fast when compared to other x86-on-ARM emulators. I’ve spent a little time looking at how it works, out of idle curiosity, and found it to be quite unusual, so I figur…
Technical analysis of Optus API security challenge - Three must-have API security controls https://discuss.secdim.com/t/technical-analysis-of-optus-api-security-challenge-three-must-to-have-api-security-controls/335
Discuss
Tl;dr: Authentication alone could only hide API security weaknesses. Three security controls are required to address the root cause of Optus API secure programming challenge. This article is a technical analysis of nearly 40 submissions that we have received…
[CVE-2022-40303] Integer overflow in xmlParseNameComplex https://gitlab.gnome.org/GNOME/libxml2/-/issues/381
GitLab
[CVE-2022-40303] Integer overflow in xmlParseNameComplex (#381) · Issues · GNOME / libxml2 · GitLab
Libxml2 is vulnerable to an integer overflow in xmlParseNameComplex when an attribute list has a very long name (name is >= 2**32 characters).
Discovering vendor-specific vulnerabilities in Android https://blog.oversecured.com/Discovering-vendor-specific-vulnerabilities-in-Android/
News, Techniques & Guides
For several years, Oversecured has been the best way to discover vulnerabilities in Android and iOS mobile apps.
CVE-2022-45063: xterm <375 code execution via font ops https://www.openwall.com/lists/oss-security/2022/11/10/1
swicc: A framework for creating smart cards (ICC-based cards with contacts) https://github.com/tomasz-lisowski/swicc
GitHub
GitHub - tomasz-lisowski/swicc: A framework for creating smart cards (ICC-based cards with contacts).