New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html
MSI's (in)Secure Boot https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
The FBI Identified a Tor User https://www.schneier.com/blog/archives/2023/01/the-fbi-identified-a-tor-user.html
Hacking ICS Historians: The Pivot Point from IT to OT https://claroty.com/team82/research/hacking-ics-historians-the-pivot-point-from-it-to-ot
Claroty's Team82 details the vulnerabilities it found in GE's historian server and shows how a compromised data historian can serve as the pivot point from the IT network into OT.
CVE-2021-31985: Exploiting the Windows Defender AsProtect Heap Overflow Vulnerability https://www.pixiepointsecurity.com/blog/nday-cve-2021-31985.html
Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises https://www.mandiant.com/resources/blog/phishing-hunting-industrial-emails
Mandiant regularly observes actors spreading industrial-themed phishing emails.
Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
TL;DR I discovered multiple bugs in OEM vendors for peripheral devices, which affected many users of these OEM vendors (Razer, EVGA, MSI, AMI). Many of the vulnerabilities originated in a...
Exploiting CVE-2021-3490 for Container Escapes https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes/
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats.
Building a io_uring based network scanner in Rust https://www.synacktiv.com/publications/building-a-iouring-based-network-scanner-in-rust.html
The MarkdownTime Vulnerability: How to Avoid This DoS Attack on Business Critical Services https://www.legitsecurity.com/blog/dos-via-software-supply-chain-innumerable-projects-exposed-to-a-markdown-library-vulnerability
Legit Security's findings on a denial-of-service vulnerability in a widely used markdown library, reachable through the software supply chain of the many projects that depend on it, and how to prevent it.
Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347/
Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/
See how one IBM X-Force researcher reverse engineered the patch for CVE-2022-34718, and unpack the affected protocols, how the bug was identified, and how it was reproduced.
How macOS schedules background activities https://eclecticlight.co/2023/01/21/how-macos-schedules-background-activities/
The story of how Mac OS X went from cron, to launchd, and ended up with Duet Activity Scheduler, to schedule background activities like backups.
A step-by-step introduction to the use of ROP gadgets to bypass DEP https://cybergeeks.tech/a-step-by-step-introduction-to-the-use-of-rop-gadgets-to-bypass-dep/
We thought they were potatoes but they were beans (from Service Account to SYSTEM again) https://decoder.cloud/2019/12/06/we-thought-they-were-potatoes-but-they-were-beans/
This post has been written by me and two friends: @splinter_code and 0xea31. This is the “unintended” result of research we did on the JuicyPotato exploit in order to find a possible …
CVE-2023-24068 && CVE-2023-24069: Abusing Signal Desktop Client for fun and for Espionage https://johnjhacking.com/blog/cve-2023-24068-cve-2023-24069/
A flaw in how files are stored in Signal Desktop ≤ 6.2.0 allows a threat actor to potentially obtain sensitive attachments sent in messages. A related issue in the same versions allows an attacker to modify conversation attachments…
Avoiding Detection with Shellcode Mutator https://labs.nettitude.com/blog/shellcode-source-mutations/
Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern