Investigating Filter Communication Ports https://windows-internals.com/investigating-filter-communication-ports/
CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup https://seclists.org/oss-sec/2023/q1/20
Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2) https://research.nccgroup.com/2022/02/18/analyzing-a-pjl-directory-traversal-vulnerability-exploiting-the-lexmark-mc3224i-printer-part-2/
Reverse Engineering Yaesu FT-70D Firmware Encryption https://landaire.net/reversing-yaesu-firmware-encryption/
Introducing RPC Investigator https://blog.trailofbits.com/2023/01/17/rpc-investigator-microsoft-windows-remote-procedure-call/
A new tool for Windows RPC research. Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application that builds on the NtApiDotNet platform for enumerating, decompiling/parsing and communicating…
6 Common Phishing Attacks and How to Protect Against Them https://www.tripwire.com/state-of-security/6-common-phishing-attacks-and-how-to-protect-against-them
Here are the six most common types of phishing attacks - deceptive phishing, spear phishing, whaling (CEO fraud), vishing, smishing, and pharming - and some tips that organizations can use to defend themselves.
New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html
MSI's (in)Secure Boot https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
The FBI Identified a Tor User https://www.schneier.com/blog/archives/2023/01/the-fbi-identified-a-tor-user.html
Hacking ICS Historians: The Pivot Point from IT to OT https://claroty.com/team82/research/hacking-ics-historians-the-pivot-point-from-it-to-ot
Discover the vulnerabilities we found hacking ICS/OT Data Historian, GE's industry-leading historian server with Claroty.
CVE-2021-31985: Exploiting the Windows Defender AsProtect Heap Overflow Vulnerability https://www.pixiepointsecurity.com/blog/nday-cve-2021-31985.html
Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises https://www.mandiant.com/resources/blog/phishing-hunting-industrial-emails
Mandiant regularly observes actors spreading industrial-themed phishing emails.
Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
TL;DR I discovered multiple bugs in OEM vendors for peripheral devices, which affected many users of these OEM vendors (Razer, EVGA, MSI, AMI). Many of the vulnerabilities originated in a...
Exploiting CVE-2021-3490 for Container Escapes https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes/
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats.
Building a io_uring based network scanner in Rust https://www.synacktiv.com/publications/building-a-iouring-based-network-scanner-in-rust.html
The MarkdownTime Vulnerability: How to Avoid This DoS Attack on Business Critical Services https://www.legitsecurity.com/blog/dos-via-software-supply-chain-innumerable-projects-exposed-to-a-markdown-library-vulnerability
Explore our findings on a common markdown syntax vulnerability and its potential to cause Denial-of-Service (DoS) attacks.
Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347/