Ten process injection techniques: A technical survey of common and trending process injection techniques
https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
Elastic Blog
Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another process...
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers
17-year-old vulnerability in all of Windows DNS Servers.
SIGRed (CVE-2020-1350) is a wormable, critical vulnerability that can be used to achieve full Domain Administrator privileges.
https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/
Check Point Research
Research by: Sagi Tzadik. Introduction: DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are…
Vulnerability Spotlight: Multiple vulnerabilities in RemoteFX affects, AMD, Intel chips
https://blog.talosintelligence.com/2020/07/vuln-spotlight-intel-amd-microsoft-july-2020.html?m=1
Talosintelligence
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Bug in New Function ExAllocatePoolZero Results in Security Vulnerability and Crashes
https://www.osr.com/blog/2020/07/14/bug-in-new-function-exallocatepoolzero-results-in-security-vulnerability-and-crashes/
OSR
Update: Late in December 2020 Microsoft issued an update to the WDK/EWDK that includes mitigations for this security issue. See our blog post describing these updates. tl;dr Last week (week of 5 Ju…
Exploit Development: Playing ROP’em COP’em Robots with WriteProcessMemory()
https://connormcgarr.github.io/ROP2/
Connor McGarr’s Blog
Gaining code execution with WriteProcessMemory() via ROP and outlining the occasional need for Call-Oriented Programming.
Attackers are posting scam messages on Twitter from the accounts of well-known people; Elon Musk and Bill Gates have already been affected :)
https://twitter.com/tylerwinklevoss/status/1283492017041965058
https://twitter.com/Apple
Apple simply deleted all of its tweets :) The attackers have already raked in hundreds of thousands of dollars (according to the guys tracking the wallets)
One of the wallets the funds were collected to
https://www.blockchain.com/btc/address/bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh?page=2
The other wallets
bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh (5.422BTC ~ $50,000)
1Ai52Uw6usjhpcDrwSmkUvjuqLpcznUuyF (2.32BTC ~ $22,000)
35PYyJCRAKbxPumZe2zDVYcxMrg6cEHP9P (4.47BTC ~ $41,000)
3ChjurNXe6eJrgvF3Hz4Hw4rEgSRkkCeN5 (4.68BTC ~ $43,000)