Let’s talk about PAKE https://blog.cryptographyengineering.com/2018/10/19/lets-talk-about-pake/
A Few Thoughts on Cryptographic Engineering
Let’s talk about PAKE
The first rule of PAKE is: nobody ever wants to talk about PAKE. The second rule of PAKE is that this is a shame, because PAKE — which stands for Password Authenticated Key Exchange — is actually o…
Flare-On 8 – Task 9 write-up https://hshrzd.wordpress.com/2021/10/23/flare-on-8-task-9/
hasherezade's 1001 nights
Flare-On 8 – Task 9
Flare-On is an annual “reverse engineering marathon” organized by Mandiant (formerly by FireEye). You can see more information here. It is a Capture-The-Flag type of a contest, where yo…
MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures https://threatresearch.ext.hp.com/mirrorblast-and-ta505-examining-similarities-in-tactics-techniques-and-procedures/
HP Wolf Security
MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures - HP Wolf Security
Don’t let cyber threats get the best of you. Read our post, MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures, to learn more about cyber threats and cyber security.
Technical Advisory – Apple XAR – Arbitrary File Write (CVE-2021-30833) https://research.nccgroup.com/2021/10/28/technical-advisory-apple-xar-arbitrary-file-write-cve-2021-30833/
NCC Group Research Blog
Technical Advisory – Apple XAR – Arbitrary File Write (CVE-2021-30833)
Vendor: Apple Vendor URL: Versions affected: xar 1.8-dev Systems Affected: macOS versions below 12.0.1 Author: Richard Warren <richard.warren[at]nccgroup[dot]trust> Advisory URL: CV…
Flare-On 2021: antioch https://0xdf.gitlab.io/flare-on-2021/antioch
0xdf hacks stuff
Flare-On 2021: antioch
antioch was a challenge based on the old movie, Monty Python and the Holy Grail. I’m given a Tar archive, which is a Docker image, the output of a command like docker save. It has a lot of layer data, but most of the layers are not referenced in the manifest.…
ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts https://www.kitploit.com/2021/10/threadstackspoofer-poc-for-advanced-in.html
Kitploit
Issue 2229: Linux: UAF read in SELinux handler for PTRACE_TRACEME https://bugs.chromium.org/p/project-zero/issues/detail?id=2229
How to exploit a double free vulnerability in 2021. 'Use After Free for Dummies' https://github.com/stong/how-to-exploit-a-double-free
GitHub
GitHub - stong/how-to-exploit-a-double-free: How to exploit a double free vulnerability in 2021. Use After Free for Dummies
How to exploit a double free vulnerability in 2021. Use After Free for Dummies - stong/how-to-exploit-a-double-free
DRIDEX: Analysing API Obfuscation Through VEH https://www.0ffset.net/reverse-engineering/malware-analysis/dridex-veh-api-obfuscation/
0ffset Training Solutions | Practical and Affordable Cyber Security Training
DRIDEX: Analysing API Obfuscation Through VEH | 0ffset
DRIDEX is one of the most famous and prevalent banking Trojans that dates back to around late 2014. Throughout its improvement and variations, DRIDEX has been successful in targeting the financial services sector to steal banking information and crucial user…
Wslink: Unique and undocumented malicious loader that runs as a server https://www.welivesecurity.com/2021/10/27/wslink-unique-undocumented-malicious-loader-runs-server/
WeLiveSecurity
Wslink: Unique and undocumented malicious loader that runs as a server
ESET research discovers a unique loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory.
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2 https://movaxbx.ru/2021/10/27/bindiff-and-poc-for-the-iomfb-vulnerability-ios-15-0-2/
mov ax,bx
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2, vulnerability in IOMobileFrameBuffer/AppleCLCD CVE-2021-30883. #ios #sandbox #lpe #exploit #jailbreak
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
Microsoft News
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.
FormatFuzzer: framework for high-efficiency, high-quality generation and parsing of binary inputs https://uds-se.github.io/FormatFuzzer/
Network Capture with Process Name and PID on macOS https://nuxx.net/blog/2021/10/29/network-capture-with-process-name-and-pid-on-macos/
How Microsoft reduced Windows 11 update size by 40% https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-microsoft-reduced-windows-11-update-size-by-40/ba-p/2839794
TECHCOMMUNITY.MICROSOFT.COM
How Microsoft reduced Windows 11 update size by 40%
Reducing update size is important to you, and to us. Explore the techniques we used in Windows 11.
PuzzleMaker attacks with Chrome zero-day exploit chain https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Securelist
PuzzleMaker attacks with Chrome zero-day exploit chain
We detected a wave of highly targeted attacks that exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.