Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/
Microsoft News
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
efiXplorer: Hunting UEFI Firmware NVRAM Vulnerabilities
https://binarly.io/posts/efiXplorer_Hunting_UEFI_Firmware_NVRAM_Vulnerabilities/index.html
https://binarly.io/
efiXplorer: Hunting UEFI Firmware NVRAM Vulnerabilities | Binarly – AI-Powered Firmware Supply Chain Security Platform
Binarly released a new version of efiXplorer v5.2 [Xmas Edition] today, with support for the new IDA SDK v8.2 and the addition of multiple code analysis improvements.
Windows built-in Sandbox Disables Microsoft Defender and other EDR/AV: Attack Detection and Prevention via MemoryRanger
https://youtu.be/NGrSPuC7xr0
YouTube
Texas Cyber Summit 2022: Windows built-in Sandbox Disables Microsoft Defender and other EDR/AV
• Kernel attacks are still serious for Windows OS security. It is crucial to analyze the popular techniques that result in loading…
How to share what you’ve learned from our audits
https://blog.trailofbits.com/2022/12/22/curl-security-audit-threat-model/
The Trail of Bits Blog
Trail of Bits recently completed a security review of cURL, which is an amazing and ubiquitous tool for transferring data. We were really thrilled to see cURL founder and lead developer Daniel Stenberg write a blog post about the engagement and the report…
GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation
https://www.usenix.org/system/files/sec23summer_249-peng-prepub.pdf
Reverse Engineering TikTok's VM Obfuscation (Part 2)
https://ibiyemiabiodun.com/projects/reversing-tiktok-pt2/
Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/
Unit 42
Security Issue in JWT Secret Poisoning (Updated)
We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
Bad things come in large packages: .pkg signature verification bypass on macOS
https://sector7.computest.nl/post/2023-01-xar/
Sector 7
Code signing of applications is an essential element of macOS security. Besides signing applications, it is also possible to sign installer packages (.pkg files). During a short review of the xar source code, we found a vulnerability (CVE-2022-42841) that…
kaijie-liu-malicious-code-classification-method-of.pdf
1.1 MB
Malicious Code Classification Method of Advanced Persistent Threat Based on Asm2Vec
alrabaee-saed-a-survey-of-binary-code-fingerprinting.pdf
2.2 MB
A Survey of Binary Code Fingerprinting Approaches: Taxonomy, Methodologies, and Features
Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing
https://arxiv.org/pdf/2301.09258.pdf
Taking the next step: OSS-Fuzz in 2023
https://security.googleblog.com/2023/02/taking-next-step-oss-fuzz-in-2023.html
Google Online Security Blog
Posted by Oliver Chang, OSS-Fuzz team. Since launching in 2016, Google's free OSS-Fuzz code testing service has helped get over 8800 vul...
Active Directory: Using LDAP Queries for Stealthy Enumeration
https://snikt.net/blog/2023/01/25/active-directory-using-ldap-queries-for-stealthy-enumeration/
snikt.net
Andreas Happe sometimes blogs about development, life or security.
Behind the Scenes: How we are securing our new PDF stack
https://microsoftedge.github.io/edgevr/posts/How-we-are-securing-our-new-PDF-stack/
Microsoft Browser Vulnerability Research
As we recently published on the Microsoft Edge Dev blog, Adobe and Microsoft are enhancing the PDF experience and value users have come to expect in Microsoft Edge. Adobe brings an unrivalled breadth of experience in the PDF space, and we are looking forward…