New version of Remcos RAT uses direct syscalls to evade detection https://minerva-labs.com/blog/new-version-of-remcos-rat-uses-direct-syscalls-to-evade-detection/
Pwning the all Google phone with a non-Google bug https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
The GitHub Blog
Pwning the all Google phone with a non-Google bug
It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit…
Good to understand how conditional jumps internally work » Reverse-engineering the conditional jump circuitry in the 8086 processor https://www.righto.com/2023/01/reverse-engineering-conditional-jump.html
Righto
Reverse-engineering the conditional jump circuitry in the 8086 processor
Intel introduced the 8086 microprocessor in 1978 and it had a huge influence on computing. I'm reverse-engineering the 8086 by examining t...
Bitwarden design flaw: Server side iterations https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/
Almost Secure
Bitwarden design flaw: Server side iterations
Bitwarden is a hot candidate for a LastPass replacement. Looking into how they encrypt data, it doesn’t do things that much better however.
Tampering User Attributes In AWS Cognito User Pools https://blog.doyensec.com/2023/01/24/tampering-unrestricted-user-attributes-aws-cognito.html
Doyensec
Tampering User Attributes In AWS Cognito User Pools
The challenge for the data-import CloudSecTidbit is basically reading the content of an internal bucket. The frontend web application is using the targeted bucket to store the logo of the app.
Analyzing Malicious OneNote Documents https://blog.didierstevens.com/2023/01/22/analyzing-malicious-onenote-documents/
Didier Stevens
Analyzing Malicious OneNote Documents
About a week ago, I was asked if I had tools for OneNote files. I don’t, and I had no time to take a closer look. But last Thursday night, I had some time to take a look. I looked at this One…
Exploiting null-dereferences in the Linux kernel https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
projectzero.google
Exploiting null-dereferences in the Linux kernel
Posted by Seth Jenkins, Project Zero. For a fair amount of time, null-deref bugs were a highly e...
Getting to know memblock https://insecuremode.com/post/2021/12/14/getting-to-know-memblock.html
Insecure mode
Getting to know memblock
Less than five seconds – that’s how long you need to wait to get your Linux kernel up and running. But it’s hardly an idle time for Linux – the system has to process configuration, perform architecture-specific setups and initialize many subsystems.
We've started a new series of blog posts on the history of malware! You can already read the first part, which summarizes the 70s. Enjoy the reading! » A Brief History of Malware (Part 1) https://reversea.me/index.php/a-brief-history-of-malware-part-1/
Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
Akamai
Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai
Akamai researchers have analyzed a critical vulnerability in Microsoft's CryptoAPI that would allow an attacker to masquerade as a legitimate entity.
Finding Truth in the Shadows https://www.elastic.co/security-labs/finding-truth-in-the-shadows
www.elastic.co
Finding Truth in the Shadows — Elastic Security Labs
Let's discuss three benefits that Hardware Stack Protections brings beyond the intended exploit mitigation capability, and explain some limitations.
Ransacking your password reset tokens https://positive.security/blog/ransack-data-exfiltration
positive.security
Ransacking your password reset tokens | Positive Security
We demonstrate how the popular "Ransack" library (Ruby on Rails) can be abused to exfiltrate sensitive data via character by character brute-force, allowing for a full application compromise in some cases. An internet wide search identifies several hundred…
Abusing Exceptions for Code Execution, Part 2 https://billdemirkapi.me/abusing-exceptions-for-code-execution-part-2/
Bill Demirkapi's Blog
Abusing Exceptions for Code Execution, Part 2
In this article, we'll explore how the concepts behind Exception Oriented Programming can be abused when exploiting stack overflow vulnerabilities on Windows.
Fun with Gentoo: Why don't we just shuffle those ROP gadgets away? https://quitesimple.org/page/fun-gentoo-shuffle-rop-gadgets
Into the Pickle Barrel: How Thinking About Precision as a System Can Expand the Munition Stockpile https://warontherocks.com/2023/01/into-the-pickle-barrel-how-thinking-about-precision-as-a-system-can-expand-the-munition-stockpile/
War on the Rocks
Into the Pickle Barrel: How Thinking About Precision as a System Can Expand the Munition Stockpile
The camera from a small drone steadies on a Russian T-72 tank somewhere in Ukraine. Slight movements can be seen in the video as the Ukrainian operator
Factorization (DCQF) of a 48-bit integer using 10 trapped-ion qubits https://arxiv.org/pdf/2301.11005.pdf
CVE-2021-34462: Exploiting the Windows AppXSvc Service Logic-Error Vulnerability https://www.pixiepointsecurity.com/blog/nday-cve-2021-34462.html
Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) https://shells.systems/froxlor-v2-0-6-remote-command-execution-cve-2023-0315/
Shells.Systems
Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) - Shells.Systems
Summary about Froxlor: Froxlor is a web-based server management software for Linux-based operating systems. It is primarily used to manage web hosting environments and allows users to create and manage websites, email accounts…
Precision Munitions for Denial of Service https://beny23.github.io/posts/precision_munitions_for_denial_of_service/
beny23.github.io
Precision Munitions for Denial of Service
There’s a metaphor about the fight between attackers and defenders in the Denial of Service cybersecurity game. It’s an “arms race” between ever bigger attacks throwing huge amounts of traffic at ever more sophisticated defenses (e.g. AWS shield).
Incidentally…
PowerShell-FIM: Proof-of-concept file integrity monitor written in PowerShell https://github.com/CsaProtocol/PowerShell-FIM
Come to the dark side: hunting IT professionals on the dark web https://securelist.com/darknet-it-headhunting/108526/
Securelist
IT specialists search and recruitment on the dark web
We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like.