Executable and Linkable Format 101. Part 2: Symbols https://www.intezer.com/blog/malware-analysis/executable-linkable-format-101-part-2-symbols/
Intezer
In our previous post, we focused on understanding the relationship between sections and segments, which serve as the foundation for understanding the ELF file format.
Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463 https://jhalon.github.io/chrome-browser-exploitation-3/
Jack Hacks
Welcome to the third and final installment of the “Chrome Browser Exploitation” series. The main objective of this series has been to provide an introduction to browser internals and delve into the topic of Chrome browser exploitation on Windows in greater…
A bunch of OLD-School RCE tricks… https://www.hexacorn.com/blog/2023/01/01/a-bunch-of-old-school-rce-tricks/
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689 https://github.com/ginsudev/WDBFontOverwrite
GitHub
Executable and Linkable Format 101 Part 3: Relocations https://www.intezer.com/blog/malware-analysis/executable-and-linkable-format-101-part-3-relocations/
Intezer
This post is part of Intezer's blog series about executable and linkable formats. In this post, we will introduce the concept of ELF relocations and their relationship with symbols. Later we will explain more advanced concepts, such as dynamic linking.
Using an Android emulator for API hacking https://zerodayhacker.com/using-an-android-emulator-for-api-hacking/
Zero Day Hacker - Teaching myself ethical hacking. Here's what I've learned, from day zero onward.
This article explains how to install Android Studio and set up the Android emulator to proxy its traffic through Burp Suite. This lets you monitor traffic from Android apps.
Kubernetes Scaling: The Event Driven Approach https://medium.com/@toonvandeuren/kubernetes-scaling-the-event-driven-approach-bdd58ded4e3f
Medium
So, we've all heard of Kubernetes by now. It's a container orchestration platform that's currently taking over the world (and cloud)…
Executable and Linkable Format 101 Part 4: Dynamic Linking https://www.intezer.com/blog/malware-analysis/executable-linkable-format-101-part-4-dynamic-linking/
Intezer
In part four of our ELF 101 blog series, we explain the dynamic linking process, including its purpose, how it works and the different linking modes.
New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection https://minerva-labs.com/blog/new-catb-ransomware-employs-2-year-old-dll-hijacking-technique-to-evade-detection/
Rapid7
Rapid7 Managed Cybersecurity: Outpace Attackers
SpyNote: Spyware with RAT capabilities targeting Financial Institutions https://www.threatfabric.com/blogs/spynote-rat-targeting-financial-institutions.html
ThreatFabric
SpyNote, also known as SpyMax and CypherRat, is a unique and effective Spyware which developed unique interest in banking users
[Crypto][Python] Padding oracle attack: demonstration https://yurichev.org/padding_oracle_attack/
Norec Attack: Stripping BLE encryption from Nordic’s Library (CVE-2020-15509) https://infosecwriteups.com/norec-attack-stripping-ble-encryption-from-nordics-library-cve-2020-15509-9798ab893b95
Medium
This article talks about a vulnerability I have found in a library that almost every Android application is based on, in a combination…
New RisePro Stealer distributed by the prominent PrivateLoader
https://blog.sekoia.io/new-risepro-stealer-distributed-by-the-prominent-privateloader/
Sekoia.io Blog
RisePro is a new undocumented stealer. According to SEKOIA.IO analysts, it has similarities with PrivateLoader.
Introduction to Graph Machine Learning https://huggingface.co/blog/intro-graphml
Corrupting memory without memory corruption https://github.blog/2022-07-27-corrupting-memory-without-memory-corruption/
The GitHub Blog
In this post I’ll exploit CVE-2022-20186, a vulnerability in the Arm Mali GPU kernel driver and use it to gain arbitrary kernel memory access from an untrusted app on a Pixel 6. This then allows me to gain root and disable SELinux. This vulnerability highlights…
Effectively mitigating CSRF https://exact.realty/blog/posts/2022/12/29/csrf-prevention/