https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
@iotpenetrationtesting
@iotpenetrationtesting
The GitHub Blog
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit.
Open-Source Method Makes Possible Two-Layer PCBs With Through-Plating At Home
https://hackaday.com/2021/06/11/open-source-method-makes-possible-two-layer-pcbs-with-through-plating-at-home/
@iotpenetrationtesting
https://hackaday.com/2021/06/11/open-source-method-makes-possible-two-layer-pcbs-with-through-plating-at-home/
@iotpenetrationtesting
INL-EXT-20-58574-Rev-002.pdf
2.1 MB
#SCADA_Security
"CCE Case Study:
Stinky Cheese Company", 2020.
// This document explores how to apply the CCE methodology to identify worst-case functional impacts and determine High Consequence Events (HCEs) in a fictional case study
"CCE Case Study:
Stinky Cheese Company", 2020.
// This document explores how to apply the CCE methodology to identify worst-case functional impacts and determine High Consequence Events (HCEs) in a fictional case study
locked nRF52840 firmware finally dumped, Archivemend unlocked!
......
https://twitter.com/atc1441/status/1404546415343308808?s=09
@iotpenetrationtesting
......
https://twitter.com/atc1441/status/1404546415343308808?s=09
@iotpenetrationtesting
#Malware_analysis
1. Multi Perimeter Device Exploit Mirai Version Hunting
For Sonicwall, DLink, Cisco and more
https://isc.sans.edu/forums/diary/Multi+Perimeter+Device+Exploit+Mirai+Version+Hunting+For+Sonicwall+DLink+Cisco+and+more/27528
2. Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs
https://medium.com/tenable-techblog/stealing-tokens-emails-files-and-more-in-microsoft-teams-through-malicious-tabs-a7e5ff07b138
1. Multi Perimeter Device Exploit Mirai Version Hunting
For Sonicwall, DLink, Cisco and more
https://isc.sans.edu/forums/diary/Multi+Perimeter+Device+Exploit+Mirai+Version+Hunting+For+Sonicwall+DLink+Cisco+and+more/27528
2. Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs
https://medium.com/tenable-techblog/stealing-tokens-emails-files-and-more-in-microsoft-teams-through-malicious-tabs-a7e5ff07b138
SANS Internet Storm Center
Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more
Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, Author: Johannes Ullrich
A Smart Light Bulb Running Doom Is A Pretty Bright Idea
https://hackaday.com/2021/06/15/a-smart-light-bulb-running-doom-is-a-pretty-bright-idea/
#Hardware
#pretty
#smart
@iotpenetrationtesting
https://hackaday.com/2021/06/15/a-smart-light-bulb-running-doom-is-a-pretty-bright-idea/
#Hardware
#pretty
#smart
@iotpenetrationtesting
IoT Security Foundation Publications
https://www.iotsecurityfoundation.org/best-practice-guidelines/
#iot
#iot_sec
@iotpenetrationtesting
https://www.iotsecurityfoundation.org/best-practice-guidelines/
#iot
#iot_sec
@iotpenetrationtesting
I'm putting a wi-fi router into a wall changer - part 1
https://machinehum.medium.com/im-putting-a-wifi-router-into-a-wall-charger-part-1-882df714bbf3
#wifi
@iotpenetrationtesting
https://machinehum.medium.com/im-putting-a-wifi-router-into-a-wall-charger-part-1-882df714bbf3
#wifi
@iotpenetrationtesting
Peloton Bike+ vulnerability allowed complete takeover of devices
https://www.bleepingcomputer.com/news/security/peloton-bike-plus-vulnerability-allowed-complete-takeover-of-devices/
#Hardware
@iotpenetrationtesting
https://www.bleepingcomputer.com/news/security/peloton-bike-plus-vulnerability-allowed-complete-takeover-of-devices/
#Hardware
@iotpenetrationtesting
Top 5 Internet of Things (IoT) Hacking Tools
https://blog.eccouncil.org/top-5-internet-of-things-iot-hacking-tools/
#iot
#tools
@iotpenetrationtesting
https://blog.eccouncil.org/top-5-internet-of-things-iot-hacking-tools/
#iot
#tools
@iotpenetrationtesting
https://www.udemy.com/course/the-internet-of-things-iot-2020-trends-and-the-future/?couponCode=10D2F2107D53BE82FF02
#iot
@iotpenetrationtesting
#iot
@iotpenetrationtesting
Udemy
Online Courses - Learn Anything, On Your Schedule | Udemy
Udemy is an online learning and teaching marketplace with over 213,000 courses and 62 million students. Learn programming, marketing, data science and more.
exploit
CVE-2020-11235:
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto / Compute / Connectivity / Consumer Electronics Connectivity /IOT / Industrial IOT / Mobile
https://github.com/PwnCast/CVE-2020-11235
CVE-2020-11238:
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto / Compute / Connectivity / Consumer Electronics Connectivity /IOT / Industrial IOT / Mobile
https://github.com/PwnCast/CVE-2020-11238
#IoT
#CisoasaService
@iotpenetrationtesting
CVE-2020-11235:
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto / Compute / Connectivity / Consumer Electronics Connectivity /IOT / Industrial IOT / Mobile
https://github.com/PwnCast/CVE-2020-11235
CVE-2020-11238:
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto / Compute / Connectivity / Consumer Electronics Connectivity /IOT / Industrial IOT / Mobile
https://github.com/PwnCast/CVE-2020-11238
#IoT
#CisoasaService
@iotpenetrationtesting
Deploying_Secure_VVOIP_Systems.pdf
819.5 KB
"Deploying Secure Unified Communications/Voice and Video over IP Systems, ver.1.0", 2021.
#Blue_Team_Techniques
@iotpenetrationtesting
#Blue_Team_Techniques
@iotpenetrationtesting