Mama Always Told Me Not to Trust Strangers without Certificates https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html
Bughound: open-source static code analysis tool https://securityonline.info/bughound-open-source-static-code-analysis-tool/
Cybersecurity News
Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana
Reverse Engineering Adventures: League of Legends Wild Rift (IL2CPP) https://katyscode.wordpress.com/2021/01/15/reverse-engineering-adventures-league-of-legends-wild-rift-il2cpp/
Katy's Code
The most common issue I receive on the tracker for Il2CppInspector is “this file won’t load”. Oftentimes this is due to a bug in the tool, but sometimes it leads me down a reverse…
A Journey Into the Beauty of DNSRebinding (part 1 & part 2): https://blog.mindedsecurity.com/2021/02/journey-into-beauty-of-dnsrebinding.html https://blog.mindedsecurity.com/2021/08/a-journey-into-beauty-of-dnsrebinding.html
Mindedsecurity
A Journey Into the Beauty of DNSRebinding - Part 1
Authors Giovanni Guido Alessandro Braccio Abstract In this first blog post about DNS rebinding topic, we are going to show a practical exa...
The Art of the Device Code Phish https://0xboku.com/2021/07/12/ArtOfDeviceCodePhish.html
Boku
Nice collection of Windows process injection methods https://github.com/odzhan/injection
Bluetooth → Wi-Fi Code Execution & Wi-Fi Debugging https://naehrdine.blogspot.com/2021/04/bluetooth-wi-fi-code-execution-wi-fi.html
Blogspot
Wireless and firmware hacking, PhD life, Technology
iOS14.8: Patch CVE-2021-1740 again silently https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
jhftss.github.io
As is well known, iOS14.8 patched two 0-days in the wild, one of which is the Pegasus 0-click vulnerability. You can get the root cause and more interesting findings by reading my analysis from here.
Great reading on micro-architectural attacks » Battle for Secure Caches: Attacks and Defenses on Randomized Caches https://www.sigarch.org/battle-for-secure-caches-attacks-and-defenses-on-randomized-caches/
SIGARCH
There is a battle ongoing in the realm of secure caches. Cache side-channels are a serious security problem as they allow an attacker to monitor a victim program’s execution and leak sensitive data…
PetitPotam – NTLM Relay to AD CS https://pentestlab.blog/2021/09/14/petitpotam-ntlm-relay-to-ad-cs/
Penetration Testing Lab
Deployment of an Active Directory Certificate Services (AD CS) on a corporate environment could allow system administrators to utilize it for establishing trust between different directory objects.…
Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool https://www.kitploit.com/2021/09/rootend-nix-enumerator-and-auto.html
KitPloit - PenTest & Hacking Tools
Automation in Reverse Engineering C++ STL/Template Code https://www.msreverseengineering.com/blog/2021/9/21/automation-in-reverse-engineering-c-template-code
Möbius Strip Reverse Engineering
Overview and Motivation
High-Severity RCE Vulnerability Found in Several Netgear Routers https://cybersecuritylog.com/high-severity-rce-vulnerability-found-in-several-netgear-routers
Cybersecuritylog
Cybersecurity experts discovered a serious RCE vulnerability in several Netgear models.
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports https://isc.sans.edu/diary/rss/27852
SANS Internet Storm Center
InfoSec Handlers Diary Blog
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports. Author: Johannes Ullrich
Making permissions auto-reset available to billions more devices https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html?m=1
Android Developers Blog
Posted by Peter Visontay, Software Engineer; Bessie Jiang, Software Engineer Contributors: Inara Ramji, Software Engineer; Rodrigo Farel...
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/
Microsoft Security Blog
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
Numando: Count once, code twice https://www.welivesecurity.com/2021/09/17/numando-latam-banking-trojan/
WeLiveSecurity
ESET Research continues its series on Latin American banking trojans, this time dissecting Numando, which targets mainly Brazil and rarely Mexico and Spain.