Remote Command Execution in Visual Studio Code Remote Development Extension https://www.shielder.it/advisories/remote-command-execution-in-visual-studio-code-remote-development-extension/
Shielder
Shielder - Remote Command Execution in Visual Studio Code Remote Development Extension 1.50
Visual Studio Code Remote Development Extension 1.50 failed to sanitize the host field before using it as an argument of the ssh command, allowing the injection of a ProxyCommand option, which could be used to run arbitrary commands.
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit https://github.com/klezVirus/CVE-2021-40444
GitHub
GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
fail2ban – Remote Code Execution https://research.securitum.com/fail2ban-remote-code-execution/
research.securitum.com
fail2ban - Remote Code Execution - research.securitum.com
This article is about the recently published security advisory for a pretty popular software, fail2ban (CVE-2021-32749). It is about a bug that may lead to Remote Code Execution.
Stealing weapons from the Armoury (CVE-2021-40981 analysis) https://aptw.tf/2021/09/24/armoury-crate-privesc.html
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation https://www.microsoft.com/security/blog/2021/09/21/catching-the-big-fish-analyzing-a-large-scale-phishing-as-a-service-operation/
Microsoft News
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation
With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. We are sharing these findings so the broader community can build…
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage https://www.trendmicro.com/en_us/research/21/i/cryptominer-z0miner-uses-newly-discovered-vulnerability-cve-2021.html
Trend Micro
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage
Recently, we discovered that the cryptomining trojan z0Miner has been taking advantage of Atlassian’s Confluence remote code execution (RCE) vulnerability assigned as CVE-2021-26084, which was disclosed by Atlassian in August.
A new APT is targeting hotels across the world https://therecord.media/a-new-apt-is-targeting-hotels-across-the-world/
Getting started in macOS security https://theevilbit.github.io/posts/getting_started_in_macos_security/
theevilbit blog
Getting started in macOS security
Many people used to ask me where to start learning about macOS security or exploitation, what are the trainings or books out there that can help with this topic. Nowadays there are a few trainings, which can get you started. Other great resources for macOS…
Examining the Cring Ransomware Techniques https://www.trendmicro.com/en_us/research/21/i/examining-the-cring-ransomware-techniques.html
Trend Micro
Examining the Cring Ransomware Techniques
In this entry, we look at the techniques typically employed by the Cring ransomware, as well as the most affected regions and industries.
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) https://github.com/ollypwn/PrintNightmare
GitHub
GitHub - ly4k/PrintNightmare: Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
Costly mistakes made by developers when managing secrets and how to avoid them https://boemo1mmopelwa.medium.com/costly-mistakes-made-by-developers-when-managing-secrets-and-how-to-avoid-them-a7b622d27a17
Medium
Costly mistakes made by developers when managing secrets and how to avoid them
There’s now more money and information stored digitally than physically. Secrets unlock the infrastructure holding millions of dollars and…
"A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild https://blog.s1r1us.ninja/research/PP
blog.s1r1us.ninja
s1r1us - Prototype Pollution
Zloader Campaigns at a Glance https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/zloader-campaigns-at-a-glance
Trendmicro
Zloader Campaigns at a Glance
Our infographic provides a quick and comprehensive overview of Zloader, which has been involved in numerous campaigns over the past few years.
TrustedInstaller, stopping Windows Defender https://www.securityartwork.es/2021/09/27/trustedinstaller-parando-windows-defender/
Security Art Work
TrustedInstaller, stopping Windows Defender - Security Art Work
Often, during an intrusion process, it can be useful to have the ability to disable the defensive measures of the target machine. For those pentesters who have already tasted the sweetness of the security solution shipped by default…
Chrome in-the-wild bug analysis: CVE-2021-30632 https://securitylab.github.com/research/in_the_wild_chrome_cve_2021_30632/
All Your (d)Base Are Belong To Us, Part 1: Code Execution in Apache OpenOffice (CVE-2021-33035) https://spaceraccoon.dev/all-your-d-base-are-belong-to-us-part-1-code-execution-in-apache-openoffice?pk_campaign=rss-feed
spaceraccoon.dev
All Your (d)Base Are Belong To Us, Part 1: Code Execution in Apache OpenOffice (CVE-2021-33035) — spaceraccoon.dev
Note: This is a mirror of the Medium blogpost. Introduction Venturing out into the wilderness of vulnerability research can be a daunti...
RPI4 KVM for Malware Analysis https://honeypot.lol/posts/rpi4-kvm-for-malware-analysis/
Expert discloses new iPhone lock screen vulnerability in iOS 15 https://securityaffairs.co/wordpress/122740/hacking/lock-screen-vulnerability.html
Security Affairs
Expert discloses new iPhone lock screen vulnerability in iOS 15
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be fixed.
Patching A Java .class File https://blog.didierstevens.com/2021/09/26/patching-a-java-class-file/
Didier Stevens
Patching A Java .class File
010 Editor is one of few commercial applications that I use daily. It’s a powerful binary editor with scripting and templates. I recently had to patch a Java .class file: extend a string insi…