Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises https://www.mandiant.com/resources/blog/phishing-hunting-industrial-emails
Google Cloud Blog
Mandiant regularly observes actors spreading industrial-themed phishing emails.
Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Cyberark
TL;DR I discovered multiple bugs in OEM vendors for peripheral devices, which affected many users of these OEM vendors (Razer, EVGA, MSI, AMI). Many of the vulnerabilities originated in a...
Exploiting CVE-2021-3490 for Container Escapes https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes/
crowdstrike.com
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats.
Building a io_uring based network scanner in Rust https://www.synacktiv.com/publications/building-a-iouring-based-network-scanner-in-rust.html
Synacktiv
The MarkdownTime Vulnerability: How to Avoid This DoS Attack on Business Critical Services https://www.legitsecurity.com/blog/dos-via-software-supply-chain-innumerable-projects-exposed-to-a-markdown-library-vulnerability
Legitsecurity
The MarkdownTime Vulnerability Explained & How to Prevent It
Explore our findings on a common markdown syntax vulnerability and its potential to cause Denial-of-Service (DoS) attacks.
Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347/
Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/
Security Intelligence
See how one IBM X-Force researcher reverse engineered the patch for CVE-2022-34718, and unpack the affected protocols, how the bug was identified, and how it was reproduced.
How macOS schedules background activities https://eclecticlight.co/2023/01/21/how-macos-schedules-background-activities/
The Eclectic Light Company
The story of how Mac OS X went from cron, to launchd, and ended up with Duet Activity Scheduler, to schedule background activities like backups.
A step-by-step introduction to the use of ROP gadgets to bypass DEP https://cybergeeks.tech/a-step-by-step-introduction-to-the-use-of-rop-gadgets-to-bypass-dep/
We thought they were potatoes but they were beans (from Service Account to SYSTEM again) https://decoder.cloud/2019/12/06/we-thought-they-were-potatoes-but-they-were-beans/
Decoder's Blog
This post has been written by me and two friends: @splinter_code and 0xea31. This is the “unintended” result of research we did on the JuicyPotato exploit in order to find a possible …
CVE-2023-24068 && CVE-2023-24069: Abusing Signal Desktop Client for fun and for Espionage https://johnjhacking.com/blog/cve-2023-24068-cve-2023-24069/
Johnjhacking
A flaw in how files are stored in Signal Desktop ≤ 6.2.0 allows a threat actor to potentially obtain sensitive attachments sent in messages. Subsequently, a similar issue with Signal Desktop ≤ 6.2.0 exists, allowing an attacker to modify conversation attachments…
Avoiding Detection with Shellcode Mutator https://labs.nettitude.com/blog/shellcode-source-mutations/
LRQA
Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern
Polish Cyber Defenses and the Russia-Ukraine War https://www.cfr.org/blog/polish-cyber-defenses-and-russia-ukraine-war
Council on Foreign Relations
The crisis between NATO countries and Russia following Russia’s invasion of Ukraine has involved aggressive rhetoric, military warnings, sabotage of critical infrastructure, nuclear saber-rattling, and cyberattacks.…
New version of Remcos RAT uses direct syscalls to evade detection https://minerva-labs.com/blog/new-version-of-remcos-rat-uses-direct-syscalls-to-evade-detection/
Pwning the all Google phone with a non-Google bug https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
The GitHub Blog
It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit…
Good for understanding how conditional jumps work internally » Reverse-engineering the conditional jump circuitry in the 8086 processor https://www.righto.com/2023/01/reverse-engineering-conditional-jump.html
Righto
Intel introduced the 8086 microprocessor in 1978 and it had a huge influence on computing. I'm reverse-engineering the 8086 by examining t...
Bitwarden design flaw: Server side iterations https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/
Almost Secure
Bitwarden is a hot candidate for a LastPass replacement. Looking into how they encrypt data, it doesn’t do things that much better however.
Tampering User Attributes In AWS Cognito User Pools https://blog.doyensec.com/2023/01/24/tampering-unrestricted-user-attributes-aws-cognito.html
Doyensec
The challenge for the data-import CloudSecTidbit is basically reading the content of an internal bucket. The frontend web application is using the targeted bucket to store the logo of the app.