Wslink: Unique and undocumented malicious loader that runs as a server https://www.welivesecurity.com/2021/10/27/wslink-unique-undocumented-malicious-loader-runs-server/
WeLiveSecurity
Wslink: Unique and undocumented malicious loader that runs as a server
ESET research discovers a unique loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory.
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2 https://movaxbx.ru/2021/10/27/bindiff-and-poc-for-the-iomfb-vulnerability-ios-15-0-2/
mov ax,bx
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2
Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2, vulnerability in IOMobileFrameBuffer/AppleCLCD CVE-2021-30883. #ios #sandbox #lpe #exploit #jailbreak
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
Microsoft News
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.
FormatFuzzer: framework for high-efficiency, high-quality generation and parsing of binary inputs https://uds-se.github.io/FormatFuzzer/
Network Capture with Process Name and PID on macOS https://nuxx.net/blog/2021/10/29/network-capture-with-process-name-and-pid-on-macos/
How Microsoft reduced Windows 11 update size by 40%
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-microsoft-reduced-windows-11-update-size-by-40/ba-p/2839794
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-microsoft-reduced-windows-11-update-size-by-40/ba-p/2839794
TECHCOMMUNITY.MICROSOFT.COM
How Microsoft reduced Windows 11 update size by 40%
Reducing update size is important to you, and to us. Explore the techniques we used in Windows 11.
PuzzleMaker attacks with Chrome zero-day exploit chain https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Securelist
PuzzleMaker attacks with Chrome zero-day exploit chain
We detected a wave of highly targeted attacks that exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.
Windows security book in web form » https://docs.microsoft.com/en-us/windows/security/
Docs
Windows security documentation
Windows is designed with zero-trust principles at its core, offering powerful security from chip to cloud. As organizations embrace hybrid work environments, the need for robust security solutions becomes paramount. Windows integrates advanced hardware and…
A Technical Analysis of CVE-2021-30864: Bypassing App Sandbox Restrictions https://perception-point.io/a-technical-analysis-of-cve-2021-30864-bypassing-app-sandbox-restrictions/
Fortinet
FortiMail Workspace Security | Fortinet
FortiMail Workspace Security secures user-facing apps from advanced threats that target Email, Browsers, Collaboration Tools and Cloud Storage Apps.
Heap Overflows For Humans 102 https://www.fuzzysecurity.com/tutorials/mr_me/3.html
XMachOViewer: Mach-O viewer for Windows, Linux and MacOS https://github.com/horsicq/XMachOViewer
GitHub
GitHub - horsicq/XMachOViewer: XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS
XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS - horsicq/XMachOViewer
Linux Heap Exploitation Intro Series: The magicians cape – 1 Byte Overflow https://sensepost.com/blog/2017/linux-heap-exploitation-intro-series-the-magicians-cape-1-byte-overflow/
CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-33742.html