elFinder - A Case Study of Web File Manager Vulnerabilities https://blog.sonarsource.com/elfinder-case-study-of-web-file-manager-vulnerabilities
Sonarsource
elFinder - A Case Study of Web File Manager Vulnerabilities
Our case study of elFinder 2.1.57 describes several critical code vulnerabilities commonly found in web file managers and how to patch them.
Snakes on a Domain: An Analysis of a Python Malware Loader https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader
Huntress
Snakes on a Domain: An Analysis of a Python Malware Loader | Huntress
Join us on a threat analysis journey as we discover a very shady Python—and a very friendly RAT.
Why do Windows functions all begin with a pointless MOV EDI, EDI instruction? https://devblogs.microsoft.com/oldnewthing/?p=9583
Microsoft News
Why do Windows functions all begin with a pointless MOV EDI, EDI instruction?
For future use.
CVE-2017-11176 PoC for Linux Kernel version 4.8.11, bypassing SMEP and SMAP (by stack pivoting inside the kernel and ROP) [UAF vuln] https://github.com/MaherAzzouzi/LinuxKernelStudy/tree/main/CVE-2017-11176
GitHub
LinuxKernelStudy/CVE-2017-11176 at main · MaherAzzouzi/LinuxKernelStudy
A repository to study the core components of Linux for exploitation purposes. - LinuxKernelStudy/CVE-2017-11176 at main · MaherAzzouzi/LinuxKernelStudy
Linker/Compiler/Tool detector for Windows, Linux and MacOS https://github.com/horsicq/Nauz-File-Detector
GitHub
GitHub - horsicq/Nauz-File-Detector: Linker/Compiler/Tool detector for Windows, Linux and MacOS.
Linker/Compiler/Tool detector for Windows, Linux and MacOS. - horsicq/Nauz-File-Detector
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders https://www.advintel.io/post/crime-laundering-primer-inside-ryuk-crime-crypto-ledger-risky-asian-crypto-traders
AdvIntel
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
By Vitali Kremez and Brian Carter We are releasing the report today with the redacted version in research collaboration with the cybersecurity firm HYAS. Inside a mature, prolific, targeted cybercrime operation. Much has been written about the many families…
Malicious Campaign Targets Latin America: The seller, The operator and a curious link https://blog.talosintelligence.com/2021/08/rat-campaign-targets-latin-america.html
Cisco Talos Blog
Malicious Campaign Targets Latin America: The seller, The operator and a curious link
By Asheer Malhotra and Vitor Ventura, with contributions from Vanja Svajcer.
* Cisco Talos has observed a new malware campaign delivering commodity RATs, including njRAT and AsyncRAT.
* The campaign targets travel and hospitality organizations in Latin…
$200K vuln, not bad » (Pwn2Own) Microsoft Teams amsVideo Cross Site Scripting Vulnerability https://www.zerodayinitiative.com/advisories/ZDI-21-771/
Zerodayinitiative
ZDI-21-771
(Pwn2Own) Microsoft Teams amsVideo Cross Site Scripting Vulnerability
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP https://securityaffairs.co/wordpress/121370/hacking/microsoft-wfp-appcontainer-bypass.html
Security Affairs
Google discloses Microsoft WFP Default Rules AppContainer Capability Bypass EoP
Google disclosed the details of a Windows AppContainer vulnerability because Microsoft initially had no plans to fix it.
Malware analysis - Mirai Botnet Huawei exploit CVE-2017-17215 https://www.youtube.com/watch?v=KVJyYTie-Dc
YouTube
Analyzing Mirai Botnet Huawei Exploit - Malware Analysis
Malware Analyst Professional - Level 1 Online Course - https://training.trainsec.net/malware-analyst-professional
Follow me on Twitter: https://Twitter.com/MalFuzzer
Get my book - Antivirus Bypass Techniques at the following link:
https://www.amazon.com/Antivirus…
Vulnerability in Bumble dating app reveals any user's exact location https://robertheaton.com/bumble-vulnerability/
Robert Heaton
Vulnerability in Bumble dating app reveals any user's exact location | Robert Heaton
The vulnerability in this post is real. The story and characters are obviously not.
What You Need to Know About PrintNightmare Vulnerability (CVE-2021-34527) https://blog.cymulate.com/printnightmare-cve/
Cymulate
The Ultimate Guide to PrintNightmare (and overcoming it) https://www.mdmandgpanswers.com/blogs/view-blog/the-ultimate-guide-to-printnightmare-and-overcoming-it
MDMGPAnswers.com
Relaying NTLM authentication over RPC again… https://blog.compass-security.com/2021/08/relaying-ntlm-authentication-over-rpc-again/
Hook Heaps and Live Free https://www.arashparsa.com/hook-heaps-and-live-free/
Arash's Blog
Hook Heaps and Live Free
Table of Contents
1. Introduction
2. Hooking
   1. IAT Hooking
   2. Trampoline Hooking
3. Putting the EXE Together
4. Thread Targeted Heap Encryption: Considerations
5. Additional Observations During the Journey
UPDATE
Decided to add a small…
nice tool! » ghidra2frida – The new bridge between Ghidra and Frida https://security.humanativaspa.it/ghidra2frida-the-new-bridge-between-ghidra-and-frida/
hn security
ghidra2frida - The new bridge between Ghidra and Frida - hn security
Hi! Today I’m publishing a new […]
Mirage: powerful and modular framework dedicated to the security analysis of wireless communications https://github.com/RCayre/mirage
GitHub
GitHub - RCayre/mirage: Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications.
Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications.
How To Remove Malware From WordPress Website Using Sitelock https://beginnersblog.medium.com/how-to-remove-malware-from-wordpress-website-using-sitelock-ac8815aeb32
How I got RCE In The World Largest Russian Company https://infosecwriteups.com/how-i-got-rce-in-the-world-largest-russian-company-8e6e8288bc4e
Medium
How I got RCE In The World Largest Russian Company
Thinking outside the box