Double-check Inputs to Avoid SSRF Vulnerability https://blog.securelayer7.net/double-check-inputs-to-avoid-ssrf-vulnerability/
Chrome in-the-wild bug analysis: CVE-2021-37975 https://securitylab.github.com/research/in_the_wild_chrome_cve_2021_37975/
How a simple Linux kernel memory corruption bug can lead to complete system compromise https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html
An analysis of current and potential kernel security mitigations. Posted by Jann Horn, Project Zero. Introduction: This blog post de...
Applying Fuzzing Techniques Against PDFTron (part 1 & part 2) https://blog.haboob.sa/blog/applying-fuzzing-techniques-against-pdftron-part-1 https://blog.haboob.sa/blog/applying-fuzzing-techniques-against-pdftron-part-2
Introduction: PDFTron SDK brings a wide variety of PDF parsing functionalities. It varies from reading and viewing PDF files to converting PDF files to different file formats. The provided SDK is widely used and supports multiple platforms, it also exposes…
Building a POC for CVE-2021-40438 https://firzen.de/building-a-poc-for-cve-2021-40438
New primitive improvement on heap attacks » House of IO - Heap Reuse https://maxwelldulin.com/BlogPost?post=6295828480
Into the art of Binary Exploitation 0x000003 [Prominence of Integer-Overflow] https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000003-prominence-of-integer-overflow-cea6abd2cce4
Hey hackers ✋✋, I’m back again with another portion of our enterprise, the binary exploitation series. In case you’re perusing my article…
Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html
In this blog post, we are going to walk you through the research and development process that leads to new and powerful memory analysis capa...
Google Chrome Vulnerability Worth for $6K: Use After Free (CVE-2021-30573) https://securityforeveryone.com/blog/google-chrome-zero-day-vulnerability-cve-2021-30573
As the S4E team, we found the use after free vulnerability that we detected in the latest version of Google Chrome. Although we focus on customer feedback on our products in the early stage of our startup, we conduct various vulnerability studies and challenging…
A step-by-step analysis of a new version of Darkside Ransomware (v. 2.1.2.3) https://cybergeeks.tech/a-step-by-step-analysis-of-a-new-version-of-darkside-ransomware/
Decompiled code matching via AST features https://fernandodoming.github.io/posts/ast-feature-comparison/
Windows User Profile Service 0day LPE https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html
CVE-2021-28632 & CVE-2021-39840: Bypassing Locks in Adobe Reader https://www.zerodayinitiative.com/blog/2021/10/20/cve-2021-28632-amp-cve-2021-39840-bypassing-locks-in-adobe-reader
Over the past few months, Adobe has patched several remote code execution bugs in Adobe Acrobat and Reader that were reported by researcher Mark Vincent Yason ( @MarkYason ) through our program. Two of these bugs, in particular, CVE-2021-28632 and CVE…
Reverse engineering and game hacking resources https://medium.com/faraday/reverse-engineering-and-game-hacking-resources-211bd4afb939
Hi there! You are probably here because you listened to our talk at Nerdearla 2021 and want to continue learning. But if you missed the…
All Your (d)Base Are Belong To Us, Part 2: Code Execution in Microsoft Office (CVE-2021-38646) https://medium.com/csg-govtech/all-your-d-base-are-belong-to-us-part-2-code-execution-in-microsoft-office-cve-2021-38646-fa6e70362162
From fuzzing to exploit
How to build a network scanning analysis platform — Part I https://medium.com/@fapro0/how-to-build-a-network-scanning-analysis-platform-part-i-efab6740b740
As the network becomes more and more developed, various kinds of traffic in the network are also increasing. Search engines, attack…
Interactive cheat sheet of offensive security tools and their respective commands, to be used against Windows/AD environments https://wadcoms.github.io/
"Stolen Images Evidence" campaign pushes Sliver-based malware https://isc.sans.edu/diary/27954
"Stolen Images Evidence" campaign pushes Sliver-based malware, Author: Brad Duncan
Forced Entry: A Security Test for Automatic Garage Doors https://www.trendmicro.com/en_us/research/21/j/forced-entry-a-security-test-for-automatic-garage-doors.html
In this blog entry we revisit threats to automatic garage doors by using SDR to test two attack scenarios. We demonstrate a rolling code attack and one that involves a hidden remote feature.
Microsoft no longer signs Windows drivers for Process Hacker https://borncity.com/win/2021/10/23/microsoft-signiert-windows-treiber-fr-process-hacker-nicht-mehr/
[German] Brief information, which is already here with me since August 2021, but which I have not yet addressed in the blog. David Xanatos has pointed out to me that Microsoft is refusing to sign drivers for the new Process Hacker without giving any further…
Writing Disassemblers for VM-based Obfuscators https://synthesis.to/2021/10/21/vm_based_obfuscation.html