A deep-dive into the SolarWinds Serv-U SSH vulnerability https://www.microsoft.com/security/blog/2021/09/02/a-deep-dive-into-the-solarwinds-serv-u-ssh-vulnerability/
Microsoft Security Blog
A deep-dive into the SolarWinds Serv-U SSH vulnerability | Microsoft Security Blog
We're sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks.
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers https://www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html
Now Patched Vulnerability in WhatsApp could have led to data exposure of users https://research.checkpoint.com/2021/now-patched-vulnerability-in-whatsapp-could-have-led-to-data-exposure-of-users/
Check Point Research
Now Patched Vulnerability in WhatsApp could have led to data exposure of users - Check Point Research
Research by Dikla Barda & Gal Elbaz. As of 2021, WhatsApp is the most popular global mobile messenger app worldwide with approximately two billion monthly active users. It allows users to send text and voice messages, make voice and video calls, and share…
Anatomy and Disruption of Metasploit Shellcode https://blog.nviso.eu/2021/09/02/anatomy-and-disruption-of-metasploit-shellcode/
NVISO Labs
Anatomy and Disruption of Metasploit Shellcode
In April 2021 we went through the anatomy of a Cobalt Strike stager and how some of its signature evasion techniques ended up being ineffective against detection technologies. In this blog post we …
Telegram Self-Destruct? Not Always https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/telegram-self-destruct-not-always/
Trustwave
Telegram Self-Destruct? Not Always
Secret-Chats in Telegram use end-to-end encryption, which is meant for people who are concerned about the security and privacy of their chat history. The messages can be read only by sender and receiver, and not even Telegram administrators have the encryption…
iOS Pentesting 101 https://cobalt.io/blog/ios-pentesting-101
www.cobalt.io
iOS Pentesting 101
Learn essential techniques for iOS application security testing, exploring architecture, jailbreaking, SSL pinning, and more in this comprehensive pentesting guide.
Summary:
The blog provides a comprehensive guide to iOS application security testing, covering…
Obfuscating Malicious, Macro-Enabled Word Docs https://depthsecurity.com/blog/obfuscating-malicious-macro-enabled-word-docs
Depth Security | A Konica Minolta Service
Obfuscating Malicious, Macro-Enabled Word Docs | Depth Security
Learn more about malicious word documents from the Depth Security team in this blog post. Depth Security provides an experienced take on the subject.
Silently Unmasking Virgin Media VPN Users in Seconds (CVE-2019-16651) https://fidusinfosec.com/silently-unmasking-virgin-media-vpn-users-in-seconds-cve-2019-16651/
Fidus Information Security
Silently Unmasking Virgin Media VPN Users in Seconds (CVE-2019-16651) - Fidus Information Security
Introduction: Fidus’ R&D team identified a vulnerability within Virgin Media Super Hub 3 routers that permitted for exfiltration of sensitive information remotely, which, among other things, can be used to determine the actual, ISP issued IP address of VPN…
Good write-up >> CVE-2021-40444 Analysis/Exploit https://xret2pwn.github.io/CVE-2021-40444-Analysis-and-Exploit/
RET2Pwn
CVE-2021-40444 Analysis/Exploit
Very efficient exploit for CVE-2021-40444. Just 6 lines of JavaScript 😂 https://twitter.com/j00sean/status/1437390861499838466?s=09
Twitter
j00sean
I'm too late at CVE-2021-40444 party. But I just wanted to take a look at MSIE exploitation. Awesome to see a full exploit (RCE w/ sandbox escape) only using 6 lines of JavaScript code. Cool no doubt.
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF https://blog.talosintelligence.com/2021/09/nitro-pro-code-execution.html
Cisco Talos Blog
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities.
Cisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.
Nitro Pro PDF is part of Nitro Software’s…
VaultFuzzer: A state-based approach for Linux kernel https://hardenedvault.net/2021/09/13/vaultfuzzer.html
Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs https://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html
Trend Micro
Remote Code Execution Zero-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library https://blog.talosintelligence.com/2021/09/vuln-spotlight-ribbonsoft.html
Cisco Talos Blog
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Lilith >_> of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution.
The dxflib library is a C++ library utilized…
Interested in disabling DEP in Windows using ROP? Our new post is ready! We explain how to use the new version of our ROP3 tool at https://reversea.me/index.php/disabling-dep-in-windows-7-using-rop3/, do not miss it! Thanks to @ricardojrdez for the contribution ❤️
SharpSpray: Active Directory password spraying tool https://securityonline.info/sharpspray-active-directory-password-spraying-tool/
Cybersecurity News
SharpSpray v1.1 releases: Active Directory password spraying tool
SharpSpray is a Windows domain password spraying tool written in .NET C#. This tool uses LDAP Protocol to communicate with the Domain AD services
macOS XPC Exploitation - Sandbox Share case study https://www.synacktiv.com/en/publications/macos-xpc-exploitation-sandbox-share-case-study.html
Synacktiv
macOS XPC Exploitation - Sandbox Share case study
Cybersecurity Advisory: Hackers Are Exploiting CVE-2021-40444 https://www.huntress.com/blog/cybersecurity-advisory-hackers-are-exploiting-cve-2021-40444
Huntress
Threat Advisory: Hackers Are Exploiting CVE-2021-40444 | Huntress
Huntress is monitoring a new threat against Windows OS and Microsoft Office products (CVE-2021-40444). The MSHTML engine is vulnerable to arbitrary code execution.
ZDI-21-1053: Bypassing Windows Lock Screen https://halove23.blogspot.com/2021/09/zdi-21-1053-bypassing-windows-lock.html
SSRF in PDF export with PhantomJs() https://xhzeem.me/posts/SSRF-in-PDF-export-with-PhantomJs/read/
xhzeem.me
Hi there, I'm Anas Roubi ... A hacker.