HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246) #GLIBC #heapoverflow #FengShui #CVE-2023-6246 #exploitation https://medium.com/@elpepinillo/heap-heap-hooray-unveiling-glibc-heap-overflow-vulnerability-cve-2023-6246-0c6412423269
Medium
HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246)
HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246) INTRODUCTION In January 30th, Qualys team found a heap overflow in the __vsyslog_internal function of the Glibc …
XZ Utils Made Me Paranoid #TrustedSec #XZUtils #Paranoid #Backdoor #SecurityScanner https://trustedsec.com/blog/xz-utils-made-me-paranoid
TrustedSec
XZ Utils Made Me Paranoid
Identify XZ Utils backdoors by parsing ELF binaries, identifying function hooks, and comparing memory sections in real-time, using tools like ptrace and…
pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard #GitHub #pcapAnalysis #Zeek #Grafana #NetworkMonitoring https://github.com/hackertarget/pcap-did-what
GitHub
GitHub - hackertarget/pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard
Analyze pcaps with Zeek and a Grafana Dashboard. Contribute to hackertarget/pcap-did-what development by creating an account on GitHub.
Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1 #EverydayGhidra #ReverseEngineeringSymbols #GhidraTips #SymbolInformationSources https://medium.com/@clearbluejar/everyday-ghidra-symbols-prescription-lenses-for-reverse-engineers-part-1-d3efe9279a0b
Medium
Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1
In reverse engineering a closed-source binary using Ghidra or other software reverse engineering frameworks, a key objective is to…
🔥3
16 years of CVE-2008-0166 #16YearsCVE2008 #DebianOpenSSLBug #DKIMBIMI2024 #EmailVulnerability #SecurityIssues https://16years.secvuln.info/
16years.secvuln.info
16 years of CVE-2008-0166 - Debian OpenSSL Bug
Many DKIM setups used cryptographic keys vulnerable to the 2008 Debian OpenSSL Bug (CVE-2008-0166) in 2024.
"Password cracking: past, present, future" OffensiveCon 2024 keynote talk slides (by Solar Designer) #OffensiveCon2024 #PasswordCracking #SecurityTalk #Evolution https://www.openwall.com/lists/announce/2024/05/14/1
🔥1
QakBot attacks with Windows zero-day (CVE-2024-30051) #QakBot #CVE202430051 #WindowsZeroDay #Kaspersky #Cybersecurity https://securelist.com/cve-2024-30051/112618/
Securelist
QakBot attacks with Windows zero-day (CVE-2024-30051)
In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft's patch Tuesday. We have seen it exploited by QakBot…
Executing Cobalt Strike's BOFs on ARM-based Linux devices #CobaltStrike #BOFs #ARM #Linux #Zig https://blog.z-labs.eu/2024/05/10/bofs-on-arm-based-devices.html
To the Moon and back(doors): Lunar landing in diplomatic missions #ESETResearch #LunarToolset #CyberSecurity #TurlaAPT #RussianCyberEspionage https://www.welivesecurity.com/en/eset-research/moon-backdoors-lunar-landing-diplomatic-missions/
Welivesecurity
To the Moon and back(doors): Lunar landing in diplomatic missions
ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs
QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends) #QNAP #QTS #CVE-2024-27130 #bugdiscovery #NASdevices https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/
watchTowr Labs
QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends)
Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with…
Discover Proton Mail registration date with one weird trick… https://iq.thc.org/discover-proton-mail-registration-date-with-one-weird-trick
Microsoft Entra Private Access for on-prem users #Microsoft #PrivateAccess #OnPrem #Security #HybridWork https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-private-access-for-on-prem-users/ba-p/3905450
TECHCOMMUNITY.MICROSOFT.COM
Microsoft Entra Private Access for on-prem users | Microsoft Community Hub
Enable secure access to private apps that use Domain Controller for authentication
Emulating inline decryption for triaging C++ malware #C++ #Malware #ReverseEngineering #InlineDecryption #Emulation https://viuleeenz.github.io/posts/2024/05/emulating-inline-decryption-for-triaging-c-malware/
Security Undisguised
Emulating inline decryption for triaging C++ malware
What we need to know? C and C++ binaries share several commonalities, however, some additional features and complexities introduced by C++ can make reverse engineering C++ binaries more challenging compared to C binaries. Some of the most important features…
“Beeeeeeeeep!”. How Malware Uses the Beep WinAPI Function for Anti-Analysis #Malware #BeepFunction #AntiAnalysis #SecurityLiterate #WinAPI https://securityliterate.com/beeeeeeeeep-how-malware-uses-the-beep-winapi-function-for-anti-analysis/
Kyle Cucci's Cyber Ramblings
“Beeeeeeeeep!”. How Malware Uses the Beep WinAPI Function for Anti-Analysis
I was recently analyzing a malware sample that abuses the Beep function as an interesting evasion tactic. The Beep function basically plays an audible tone notification for the user. The Beep funct…
CVE-2024-4040-SSTI-LFI-PoC: CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support #GitHub #CVE-2024-4040 #SSTI #LFI #PoC https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC
GitHub
GitHub - Stuub/CVE-2024-4040-SSTI-LFI-PoC: CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support - Stuub/CVE-2024-4040-SSTI-LFI-PoC
system32 important files #OffensiveSecurity #SystemIntegrity #MalwareDetection #FileAbuse https://redteamrecipe.com/system32-important-files
ExpiredDomains.com
redteamrecipe.com is for sale! Check it out on ExpiredDomains.com
Buy redteamrecipe.com for 100 on GoDaddy via ExpiredDomains.com. This premium expired .com domain is ideal for establishing a strong online identity.
🥱1
Leveraging DNS Tunneling for Tracking and Scanning #DNSTunneling #Tracking #Scanning #Security #ThreatResearch https://unit42.paloaltonetworks.com/three-dns-tunneling-campaigns/
Unit 42
Leveraging DNS Tunneling for Tracking and Scanning
We provide a walkthrough of how attackers leverage DNS tunneling for tracking and scanning, an expansion of the way this technique is usually exploited.
CFG in Windows 11 24H2 #CFG #Windows11 #Hotpatching #SCPCFG #Reversing https://ynwarcs.github.io/Win11-24H2-CFG
###
CFG in Windows 11 24H2
Hotpatching has been looming over Windows 11 for a while now, having already been shipped on the server & cloud deployments. It first came out in March that the first major version to include it will be 24H2, which can now be confirmed in a few minutes of…
🔥1