Finding Truth in the Shadows https://www.elastic.co/security-labs/finding-truth-in-the-shadows
www.elastic.co
Finding Truth in the Shadows — Elastic Security Labs
Let's discuss three benefits that Hardware Stack Protections brings beyond the intended exploit mitigation capability, and explain some limitations.
Ransacking your password reset tokens https://positive.security/blog/ransack-data-exfiltration
positive.security
Ransacking your password reset tokens | Positive Security
We demonstrate how the popular "Ransack" library (Ruby on Rails) can be abused to exfiltrate sensitive data via character-by-character brute-force, allowing for a full application compromise in some cases. An internet-wide search identifies several hundred…
Abusing Exceptions for Code Execution, Part 2 https://billdemirkapi.me/abusing-exceptions-for-code-execution-part-2/
Bill Demirkapi's Blog
Abusing Exceptions for Code Execution, Part 2
In this article, we'll explore how the concepts behind Exception Oriented Programming can be abused when exploiting stack overflow vulnerabilities on Windows.
Fun with Gentoo: Why don't we just shuffle those ROP gadgets away? https://quitesimple.org/page/fun-gentoo-shuffle-rop-gadgets
Into the Pickle Barrel: How Thinking About Precision as a System Can Expand the Munition Stockpile https://warontherocks.com/2023/01/into-the-pickle-barrel-how-thinking-about-precision-as-a-system-can-expand-the-munition-stockpile/
War on the Rocks
Into the Pickle Barrel: How Thinking About Precision as a System Can Expand the Munition Stockpile
The camera from a small drone steadies on a Russian T-72 tank somewhere in Ukraine. Slight movements can be seen in the video as the Ukrainian operator
Factorization (DCQF) of a 48-bit integer using 10 trapped-ion qubits https://arxiv.org/pdf/2301.11005.pdf
CVE-2021-34462: Exploiting the Windows AppXSvc Service Logic-Error Vulnerability https://www.pixiepointsecurity.com/blog/nday-cve-2021-34462.html
Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) https://shells.systems/froxlor-v2-0-6-remote-command-execution-cve-2023-0315/
Shells.Systems
Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) - Shells.Systems
Summary about Froxlor: Froxlor is a web-based server management software for Linux-based operating systems. It is primarily used to manage web hosting environments and allows users to create and manage websites, email accounts…
Precision Munitions for Denial of Service https://beny23.github.io/posts/precision_munitions_for_denial_of_service/
beny23.github.io
Precision Munitions for Denial of Service
There’s a metaphor about the fight between attackers and defenders in the Denial of Service cybersecurity game. It’s an “arms race” between ever bigger attacks throwing huge amounts of traffic at ever more sophisticated defenses (e.g. AWS shield).
Incidentally…
PowerShell-FIM: Proof-of-concept file integrity monitor written in PowerShell https://github.com/CsaProtocol/PowerShell-FIM
Come to the dark side: hunting IT professionals on the dark web https://securelist.com/darknet-it-headhunting/108526/
Securelist
IT specialists search and recruitment on the dark web
We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like.
How to Develop Intuition for Security Research: Apply the Scientific Method https://www.researchinnovations.com/post/how-to-develop-intuition-for-security-research-apply-the-scientific-method
Research Innovations
How to Develop Intuition for Security Research: Apply the Scientific Method
Intuition plays a prominent role in security research. It guides a researcher’s thought process to determine how to prioritize system components for analysis. What is the source of intuition? Can its source be defined and systematized so new researchers can…
CVE-2023-22374: F5 BIG-IP Format String Vulnerability https://www.rapid7.com/blog/post/2023/02/01/cve-2023-22374-f5-big-ip-format-string-vulnerability/
Rapid7
CVE-2023-22374: F5 BIG-IP Format String Vulnerability | Rapid7 Blog
Rapid7 found an additional vulnerability in the appliance-mode REST interface. We are disclosing it in accordance with our vulnerability disclosure policy.
Jumping into SOCKS https://sensepost.com/blog/2023/jumping-into-socks/
Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1 https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-1
Cyberark
Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1
Everything started when I was researching Windows containers. It required installing Docker Desktop for Windows, and I couldn’t help but notice that there were many Docker processes. Since some of...
A collection of Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps https://github.com/0xdea/frida-scripts
GitHub
GitHub - 0xdea/frida-scripts: A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.
A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more. - 0xdea/frida-scripts
ImageMagick: The hidden vulnerability behind your online images https://www.metabaseq.com/imagemagick-zero-days/
Tracing the Linux kernel using Exein Pulsar: a 5 Minute Tutorial https://blog.exein.io/pulsar-tutorial
Exein
Tracing the Linux kernel using Exein Pulsar: a 5 Minute Tutorial
This hands on tutorial goes through the installation, setup and usage of Exein Pulsar.
Pulsar is an open-source security observability framework that uses eBPF to trace events in the kernel space.
HyperDbg Debugger: open-source, community-driven, hypervisor-assisted, user-mode, and kernel-mode Windows debugger https://github.com/HyperDbg/HyperDbg
GitHub
GitHub - HyperDbg/HyperDbg: State-of-the-art native debugging tools
State-of-the-art native debugging tools. Contribute to HyperDbg/HyperDbg development by creating an account on GitHub.
PixPirate: a new Brazilian Banking Trojan https://www.cleafy.com/cleafy-labs/pixpirate-a-new-brazilian-banking-trojan
Cleafy
PixPirate: a new Brazilian Banking Trojan | Cleafy LABS
Learn about PixPirate, the new Android banking trojan discovered by Cleafy TIR. This malware uses ATS to automate malicious money transfers via the Pix payment platform used by multiple Brazilian banks. Discover its features, including interception of banking…