XMachOViewer: Mach-O viewer for Windows, Linux and MacOS https://github.com/horsicq/XMachOViewer
GitHub
GitHub - horsicq/XMachOViewer: XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS
Linux Heap Exploitation Intro Series: The magicians cape – 1 Byte Overflow https://sensepost.com/blog/2017/linux-heap-exploitation-intro-series-the-magicians-cape-1-byte-overflow/
CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-33742.html
Detecting CONTI CobaltStrike Lateral Movement Techniques - Part 2 https://www.unh4ck.com/detection-engineering-and-threat-hunting/lateral-movement/detecting-conti-cobaltstrike-lateral-movement-techniques-part-2
Unh4Ck
Detecting CONTI CobaltStrike Lateral Movement Techniques - Part 2 | Cyb3rSn0rlax
Detection opportunities on lateral movement techniques used by CONTI ransomware group using CobaltStrike.
Use-After-Free in Voice Control: CVE-2021-30902 Write-up https://blog.zecops.com/research/use-after-free-in-voice-control-cve-2021-30902/
Jamf
Jamf Threat Labs | Blog
Malicious code analysis: Abusing SAST (mis)configurations to hack CI systems https://medium.com/cider-sec/malicious-code-analysis-abusing-sast-mis-configurations-to-hack-ci-systems-13d5c1b37ffe
Medium
What happens when SAST tools do more than just scanning? What if security scanners abuse their privileges?
Mimalloc: Free List Sharding in Action https://www.microsoft.com/en-us/research/uploads/prod/2019/06/mimalloc-tr-v1.pdf
How SSL certificates are leaking sensitive information
https://labs.detectify.com/2021/11/05/how-ssl-certificates-are-leaking-sensitive-information/
How to transfer personal data to third parties in compliance with GDPR? https://asentify.com/como-ceder-datos-personales-a-terceros-cumpliendo-con-gdpr/
Asentify
How to transfer personal data to third parties in compliance with GDPR? - Asentify
The new European GDPR regulation represents a paradigm shift in the processing of personal data. One of the most complex points for companies is the transfer of data to third parties, where the key point is explicit consent. The new requirements…
Driftwood: Know if Private Keys are Sensitive
https://trufflesecurity.com/blog/driftwood
Trufflesecurity
Introducing Driftwood: Know if Private Keys are Sensitive ◆ Truffle Security Co.
Asymmetric private keys are among the most often leaked out. We’re open sourcing a tool that immediately tells you if one is sensitive https://github.com/trufflesecurity/driftwood. With this tool we found the private keys for hundreds of TLS certificates…
GDPR Enforcement Tracker: overview of fines and penalties regarding GDPR https://www.enforcementtracker.com/
Enforcementtracker
GDPR Enforcement Tracker - list of GDPR fines
List and overview of fines and penalties under the EU General Data Protection Regulation (GDPR, DSGVO)
This is how I bypassed almost every EDR! https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44
Medium
First of all, let me introduce myself, my name is Omri Baso, I’m 24 years old from Israel and I’m a red teamer and a security researcher…
Ukraine discloses identity of Gamaredon members, links it to Russia’s FSB https://therecord.media/ukraine-discloses-identity-of-gamaredon-members-links-it-to-russias-fsb/
The Record
The Ukrainian Security Service (SSU) has revealed today the real identities of five members of the Gamaredon cyber-espionage group, linking its members to the Crimean branch of the Russian Federal Security Service (FSB).
How to exploit CVE-2021-40539 on ManageEngine ADSelfService Plus https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html
Synacktiv
A detailed analysis of the STOP/Djvu Ransomware https://cybergeeks.tech/a-detailed-analysis-of-the-stop-djvu-ransomware/
TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware https://www.proofpoint.com/us/blog/threat-insight/ta575-uses-squid-game-lures-distribute-dridex-malware
Proofpoint
TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware | Proofpoint US
Want to be in season two of the Netflix phenomenon? You might not like the hidden cost...
Spectre v4.0: the speed of malware threats after the pandemics https://yoroi.company/research/spectre-v4-0-the-speed-of-malware-threats-after-the-pandemics/
Yoroi
Spectre v4.0: the speed of malware threats after the pandemics - Yoroi
Introduction Cybercrime is today the first threat for businesses and actors are still evolving their malicious business models. In fact, the criminal ecosystem goes beyond the Malware-as-a-Service, many malware developers are increasing their dangerousn…
‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks https://threatpost.com/tortilla-exchange-servers-proxyshell/175967/
Threat Post
The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new "Tortilla" threat actor.
Mekotio Banker Returns with Improved Stealth and Ancient Encryption https://research.checkpoint.com/2021/mekotio-banker-returns-with-improved-stealth-and-ancient-encryption/
Check Point Research
Mekotio Banker Returns with Improved Stealth and Ancient Encryption - Check Point Research
Research by: Arie Olshtein & Abedalla Hadra A banking Trojan called “Mekotio” that targeted Latin America countries in the past, now making a comeback with a change in its infection flow. Check Point Research (CPR) detected over 100 attacks in recent weeks…
Practical MBA Deobfuscation with msynth https://synthesis.to/2021/11/11/practical_mba_deobfuscation.html