Malware analysis - Mirai Botnet Huawei exploit CVE-2017-17215 https://www.youtube.com/watch?v=KVJyYTie-Dc
YouTube
Analyzing Mirai Botnet Huawei Exploit - Malware Analysis
Malware Analyst Professional - Level 1 Online Course - https://training.trainsec.net/malware-analyst-professional
Follow me on Twitter: https://Twitter.com/MalFuzzer
Get my book - Antivirus Bypass Techniques at the following link:
https://www.amazon.com/Antivirus…
Vulnerability in Bumble dating app reveals any user's exact location https://robertheaton.com/bumble-vulnerability/
Robert Heaton
Vulnerability in Bumble dating app reveals any user's exact location | Robert Heaton
The vulnerability in this post is real. The story and characters are obviously not.
What You Need to Know About PrintNightmare Vulnerability (CVE-2021-34527) https://blog.cymulate.com/printnightmare-cve/
Cymulate
Blog
Stay up to date on the latest cybersecurity news and expert insights. Cymulate's blog is constantly being updated, so be sure to check back often.
The Ultimate Guide to PrintNightmare (and overcoming it) https://www.mdmandgpanswers.com/blogs/view-blog/the-ultimate-guide-to-printnightmare-and-overcoming-it
MDMGPAnswers.com
View Blog
Where SMART MDM & Group Policy Admins come to Get Smarter.
Relaying NTLM authentication over RPC again… https://blog.compass-security.com/2021/08/relaying-ntlm-authentication-over-rpc-again/
Hook Heaps and Live Free https://www.arashparsa.com/hook-heaps-and-live-free/
Arash's Blog
Hook Heaps and Live Free
Table of Contents
1. Introduction
2. Hooking
   1. IAT Hooking
   2. Trampoline Hooking
3. Putting the EXE Together
4. Thread Targeted Heap Encryption: Considerations
5. Additional Observations During the Journey
UPDATE
Decided to add a small…
nice tool! » ghidra2frida – The new bridge between Ghidra and Frida https://security.humanativaspa.it/ghidra2frida-the-new-bridge-between-ghidra-and-frida/
hn security
ghidra2frida - The new bridge between Ghidra and Frida - hn security
Hi! Today I’m publishing a new […]
Mirage: powerful and modular framework dedicated to the security analysis of wireless communications https://github.com/RCayre/mirage
GitHub
GitHub - RCayre/mirage: Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications.
Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications. - GitHub - RCayre/mirage: Mirage is a powerful and modular framework dedicated to the sec...
How To Remove Malware From WordPress Website Using Sitelock https://beginnersblog.medium.com/how-to-remove-malware-from-wordpress-website-using-sitelock-ac8815aeb32
How I got RCE In The World Largest Russian Company https://infosecwriteups.com/how-i-got-rce-in-the-world-largest-russian-company-8e6e8288bc4e
Medium
How I got RCE In The World Largest Russian Company
Thinking outside the box
How to analyze mobile malware: a Cabassous/FluBot Case study https://blog.nviso.eu/2021/04/19/how-to-analyze-mobile-malware-a-cabassous-flubot-case-study/
NVISO Labs
How to analyze mobile malware: a Cabassous/FluBot Case study
This blogpost explains all the steps I took while analyzing the Cabassous/FluBot malware. I wrote this while analyzing the sample and I’ve written down both successful and failed attempts at …
Nice summary of iOS network monitoring techniques https://twitter.com/ddouhine/status/1430881952559685633
Twitter
Davy Douhine
Proxying is not the only way to monitor network traffic on your iOS mobile apps 📲 Different techniques for different use cases. Here's an attempt to summarize them. If you know other techniques plz tell me 🙏#mobilesecurity
Good reading » The Android Platform Security Model https://dl.acm.org/doi/10.1145/3448609
ACM Transactions on Privacy and Security
The Android Platform Security Model | ACM Transactions on Privacy and Security
Android is the most widely deployed end-user focused operating system. With its growing
set of use cases encompassing communication, navigation, media consumption, entertainment,
finance, health, and access to sensors, actuators, cameras, or microphones,...
Fuzzing RDP: Holding the Stick at Both Ends https://www.cyberark.com/resources/threat-research-blog/fuzzing-rdp-holding-the-stick-at-both-ends
Cyberark
Fuzzing RDP: Holding the Stick at Both Ends
Introduction This post describes the work we’ve done on fuzzing the Windows RDP client and server, the challenges of doing so, and some of the results. The Remote Desktop Protocol (RDP) by...
Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit https://www.blackhillsinfosec.com/admins-nightmare-combining-hivenightmare-serioussam-and-ad-cs-attack-paths-for-profit/
Black Hills Information Security
Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit - Black Hills Information Security
Stephan Borosh // The year of 2021 has presented some interesting challenges to securing Windows and Active Directory environments with new flaws that Microsoft has been slow to address. In June, @Harmj0y and @tifkin_ […]
A repository of DFIR-related Mind Maps https://github.com/rathbuna/DFIRMindMaps
GitHub
GitHub - AndrewRathbun/DFIRMindMaps: A repository of DFIR-related Mind Maps geared towards the visual learners!
A repository of DFIR-related Mind Maps geared towards the visual learners! - AndrewRathbun/DFIRMindMaps
Black-Box Attacks on Perceptual Image Hashes with GANs https://towardsdatascience.com/black-box-attacks-on-perceptual-image-hashes-with-gans-cc1be11f277
Medium
Black-Box Attacks on Perceptual Image Hashes with GANs
tldr: This post demonstrates that GANs are capable of breaking image hash algorithms in two key ways: (1) Reversal Attack: Synthesizing the…
good old times! » Reverse engineering software licensing from early-2000s abandonware – Part 1 https://yingtongli.me/blog/2021/08/29/drm5-1.html
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters https://www.kitploit.com/2020/10/awesome-android-security-curated-list.html
KitPloit - PenTest & Hacking Tools
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters