Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool https://www.kitploit.com/2021/09/rootend-nix-enumerator-and-auto.html
KitPloit - PenTest & Hacking Tools
Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool
Automation in Reverse Engineering C++ STL/Template Code https://www.msreverseengineering.com/blog/2021/9/21/automation-in-reverse-engineering-c-template-code
Möbius Strip Reverse Engineering
Automation in Reverse Engineering C++ STL/Template Code — Möbius Strip Reverse Engineering
Overview and Motivation
High-Severity RCE Vulnerability Found in Several Netgear Routers https://cybersecuritylog.com/high-severity-rce-vulnerability-found-in-several-netgear-routers
Cybersecuritylog
High-Severity RCE Vulnerability Found in Several Netgear Routers
Cybersecurity experts discovered a serious RCE vulnerability in several Netgear models.
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports https://isc.sans.edu/diary/rss/27852
SANS Internet Storm Center
InfoSec Handlers Diary Blog
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports., Author: Johannes Ullrich
Making permissions auto-reset available to billions more devices https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html?m=1
Android Developers Blog
Making permissions auto-reset available to billions more devices
Posted by Peter Visontay, Software Engineer; Bessie Jiang, Software Engineer Contributors: Inara Ramji, Software Engineer; Rodrigo Farel...
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/
Microsoft Security Blog
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | Microsoft Security Blog
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
Numando: Count once, code twice https://www.welivesecurity.com/2021/09/17/numando-latam-banking-trojan/
WeLiveSecurity
Numando: Count once, code twice
ESET Research continues its series on Latin American banking trojans, this time dissecting Numando, which targets mainly Brazil and rarely Mexico and Spain.
Deus x64: computer security challenges regarding reverse-engineering and binary exploitation https://deusx64.ai/
Deus x64 | RET2 Systems
Deus x64 is an upcoming computer security and binary exploitation wargame by RET2 Systems
CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug https://www.zerodayinitiative.com/blog/2021/9/21/cve-2021-26084-details-on-the-recently-exploited-atlassian-confluence-ognl-injection-bug
Zero Day Initiative
Zero Day Initiative — CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Yazhi Wang of the Trend Micro Research Team detail a recent code injection bug in the Atlassian Confluence server. Since the publication of the vendor…
ForgeCert: Abusing Active Directory Certificate Services https://securityonline.info/forgecert-abusing-active-directory-certificate-services/
Cybersecurity News
ForgeCert: Abusing Active Directory Certificate Services
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates
The AOL Screen Name Exploit of 2000 https://g.livejournal.com/8724.html
Livejournal
The AOL Screen Name Exploit of 2000
I should start by saying that there were several AOL screen name exploits around that time, regime2k, etc. It was the golden age of AOL hacking, or "hacking" if you're an efnet elitist — but this exploit was different. It was skid treasure. I skipped school…
Talos Takes Ep. #55: How Transparent Tribe could evolve in the future https://blog.talosintelligence.com/2021/05/talos-takes-ep-55-how-transparent-tribe.html
Cisco Talos Blog
Talos Takes Ep. #55: How Transparent Tribe could evolve in the future
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page.
We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might…
PandoraFMS 755 - Chained XSS + .htaccess RCE https://k4m1ll0.com/chained_exploit_htaccess.html
K4M1Ll0
CVE Chained Exploit htaccess PandoraFMS
cve-chained-exploit-htaccess
Mama Always Told Me Not to Trust Strangers without Certificates https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html
Financially motivated actor breaks certificate parsing to avoid detection https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/
Google
Financially motivated actor breaks certificate parsing to avoid detection
Financially motivated threat actor breaks certificate parsing to avoid detection
Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program https://habr.com/en/post/579714/
CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux https://sick.codes/sick-2021-111/
Sick.Codes
CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows…
Title CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux CVE ID CVE-2021-39246 CVSS Score 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Internal ID SICK-2021…
Massive DDoS attacks on VoIP Providers and simulated DDoS testing https://www.rtcsec.com/post/2021/09/massive-ddos-attacks-on-voip-providers-and-simulated-ddos-testing/
Enablesecurity
Massive DDoS attacks on VoIP Providers and simulated DDoS testing
DDoS on SIP servers are crippling VoIP providers. We explain how to do DDoS simulation during pentesting with SIPVicious PRO and how to mitigate these attacks.
Detecting and Hunting for the PetitPotam NTLM Relay Attack https://research.nccgroup.com/2021/09/23/detecting-and-hunting-for-the-petitpotam-ntlm-relay-attack/
VMware CVE-2021-22005 Technical & Impact analysis https://censys.io/blog/vmware-cve-2021-22005-technical-impact-analysis/
Censys
VMware CVE-2021-22005 Technical & Impact analysis