Nice collection of Windows process injection methods https://github.com/odzhan/injection
Bluetooth → Wi-Fi Code Execution & Wi-Fi Debugging https://naehrdine.blogspot.com/2021/04/bluetooth-wi-fi-code-execution-wi-fi.html
Blogspot
Bluetooth → Wi-Fi Code Execution & Wi-Fi Debugging
Wireless and firmware hacking, PhD life, Technology
iOS14.8: Patch CVE-2021-1740 again silently https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
jhftss.github.io
iOS14.8: Patch CVE-2021-1740 again silently
As is well known, iOS14.8 patched two 0 days in the wild, one of which is the Pegasus 0-click vulnerability. You can get the root cause and more interesting findings by reading my analysis from here.
Great reading on micro-architectural attacks » Battle for Secure Caches: Attacks and Defenses on Randomized Caches https://www.sigarch.org/battle-for-secure-caches-attacks-and-defenses-on-randomized-caches/
SIGARCH
Battle for Secure Caches: Attacks and Defenses on Randomized Caches
There is a battle ongoing in the realm of secure caches. Cache side-channels are a serious security problem as they allow an attacker to monitor a victim program’s execution and leak sensitive data…
PetitPotam – NTLM Relay to AD CS https://pentestlab.blog/2021/09/14/petitpotam-ntlm-relay-to-ad-cs/
Penetration Testing Lab
PetitPotam – NTLM Relay to AD CS
Deployment of an Active Directory Certificate Services (AD CS) on a corporate environment could allow system administrators to utilize it for establishing trust between different directory objects.…
Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool https://www.kitploit.com/2021/09/rootend-nix-enumerator-and-auto.html
KitPloit - PenTest & Hacking Tools
Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool
Automation in Reverse Engineering C++ STL/Template Code https://www.msreverseengineering.com/blog/2021/9/21/automation-in-reverse-engineering-c-template-code
Möbius Strip Reverse Engineering
Automation in Reverse Engineering C++ STL/Template Code — Möbius Strip Reverse Engineering
Overview and Motivation
High-Severity RCE Vulnerability Found in Several Netgear Routers https://cybersecuritylog.com/high-severity-rce-vulnerability-found-in-several-netgear-routers
Cybersecuritylog
High-Severity RCE Vulnerability Found in Several Netgear Routers
Cybersecurity experts discovered a serious RCE vulnerability in several Netgear models.
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports https://isc.sans.edu/diary/rss/27852
SANS Internet Storm Center
InfoSec Handlers Diary Blog
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports. Author: Johannes Ullrich
Making permissions auto-reset available to billions more devices https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html?m=1
Android Developers Blog
Making permissions auto-reset available to billions more devices
Posted by Peter Visontay, Software Engineer; Bessie Jiang, Software Engineer Contributors: Inara Ramji, Software Engineer; Rodrigo Farel...
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/
Microsoft Security Blog
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | Microsoft Security Blog
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
Numando: Count once, code twice https://www.welivesecurity.com/2021/09/17/numando-latam-banking-trojan/
WeLiveSecurity
Numando: Count once, code twice
ESET Research continues its series on Latin American banking trojans, this time dissecting Numando, which targets mainly Brazil and rarely Mexico and Spain.
Deus x64: computer security challenges regarding reverse-engineering and binary exploitation https://deusx64.ai/
Deus x64 | RET2 Systems
Deus x64 is an upcoming computer security and binary exploitation wargame by RET2 Systems
CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug https://www.zerodayinitiative.com/blog/2021/9/21/cve-2021-26084-details-on-the-recently-exploited-atlassian-confluence-ognl-injection-bug
Zero Day Initiative
Zero Day Initiative — CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Yazhi Wang of the Trend Micro Research Team detail a recent code injection bug in the Atlassian Confluence server. Since the publication of the vendor…
ForgeCert: Abusing Active Directory Certificate Services https://securityonline.info/forgecert-abusing-active-directory-certificate-services/
Cybersecurity News
ForgeCert: Abusing Active Directory Certificate Services
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates
The AOL Screen Name Exploit of 2000 https://g.livejournal.com/8724.html
Livejournal
The AOL Screen Name Exploit of 2000
I should start by saying that there were several AOL screen name exploits around that time, regime2k, etc. It was the golden age of AOL hacking, or "hacking" if you're an efnet elitist — but this exploit was different. It was skid treasure. I skipped school…
Talos Takes Ep. #55: How Transparent Tribe could evolve in the future https://blog.talosintelligence.com/2021/05/talos-takes-ep-55-how-transparent-tribe.html
Cisco Talos Blog
Talos Takes Ep. #55: How Transparent Tribe could evolve in the future
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page.
We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might…
PandoraFMS 755 - Chained XSS + .htaccess RCE https://k4m1ll0.com/chained_exploit_htaccess.html
K4M1Ll0
CVE Chained Exploit htaccess PandoraFMS
Mama Always Told Me Not to Trust Strangers without Certificates https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html