Worth reading » A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
projectzero.google
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution - Project Zero
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with us, and...
This shouldn't have happened: A vulnerability postmortem https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
Blogspot
This shouldn't have happened: A vulnerability postmortem
Posted by Tavis Ormandy, Project Zero Introduction This is an unusual blog post. I normally write posts to highlight some hidden att...
Reverse Engineering Crypto Functions: AES https://www.goggleheadedhacker.com/blog/post/reversing-crypto-functions-aes
GoggleHeadedHacker
Reverse Engineering Crypto Functions: AES
This tutorial will show how two methods of implementing the AES algorithm work. It will also demonstrate how to identify these methods in Assembly when reverse engineering an application.
Researcher publishes PoC for Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2021-42287, CVE-2021-42278) https://securityonline.info/researcher-publishes-poc-for-active-directory-domain-services-elevation-of-privilege-vulnerability-cve-2021-42287-cve-2021-42278/
Cybersecurity News
Researcher publishes PoC for Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2021-42287, CVE-2021-42278)
The details of the vulnerability and the PoC of the Microsoft Windows Active Directory Domain Services privilege escalation vulnerability have been disclosed.
Pegasus vs. Predator Dissident’s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/
The Citizen Lab
Pegasus vs. Predator
Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour…
Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension https://blog.talosintelligence.com/2021/12/magnat-campaigns-use-malvertising-to.html
Cisco Talos Blog
Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension
By Tiago Pereira.
* Talos recently observed a malicious campaign offering fake installers of popular software as bait to get users to execute malware on their systems.
* This campaign includes a set of malware distribution campaigns that started in late…
Log4j Vulnerability: Attackers Shift Focus From LDAP to RMI https://blogs.juniper.net/en-us/threat-research/log4j-vulnerability-attackers-shift-focus-from-ldap-to-rmi
Juniper Networks
Log4j Vulnerability: Attackers Shift Focus From LDAP to RMI
Juniper Threat Labs has observed variants of the ongoing Log4j CVE-2021-44228 attacks that use an RMI service instead of LDAP.
If You’re Not Doing Continuous Asset Management You’re Not Doing Security https://danielmiessler.com/blog/continuous-asset-management-security/
Danielmiessler
If You’re Not Doing Continuous Asset Management You’re Not Doing Security
April 25, 2018 The more a company can tell me about their assets the better their security is, and the more comprehensive and real-time the inventory is, the mo
A Detailed Guide on Log4J Penetration Testing https://www.hackingarticles.in/a-detailed-guide-on-log4j-penetration-testing/
Hacking Articles
A Detailed Guide on Log4J Penetration Testing
In this article, we are going to discuss and demonstrate in our lab setup, the exploitation of the new vulnerability identified as CVE-2021-44228 affecting the
A Forensic Gold Mine III: Forensic Analysis of the Microsoft Teams Desktop Client https://www.alexbilz.com/post/2021-09-09-forensic-artifacts-microsoft-teams/
I am Alex Bilz
A Forensic Gold Mine III: Forensic Analysis of the Microsoft Teams Desktop Client
In this post, I will look at the abundance of forensic artefacts which can be collected from Microsoft Teams Client on Windows Desktops.
Exploitation of CVE-2021-21220 – From Incorrect JIT Behavior to RCE https://www.zerodayinitiative.com/blog/2021/12/15/exploitation-of-cve-2021-21220-from-incorrect-jit-behavior-to-rce
Zero Day Initiative
Zero Day Initiative — Exploitation of CVE-2021-21220 – From Incorrect JIT Behavior to RCE
In this third and final blog in the series, ZDI Vulnerability Researcher Hossein Lotfi looks at the method of exploiting CVE-2021-21220 for code execution. This bug was used by Bruno Keith ( @bkth_ ) and Niklas Baumstark ( @_niklasb ) of Dataflow…
Inside a PBX - Discovering a Firmware Backdoor https://blog.redteam-pentesting.de/2021/inside-a-pbx/
RedTeam Pentesting - Blog
Inside a PBX - Discovering a Firmware Backdoor
This blog post illustrates how RedTeam Pentesting discovered a real-world backdoor in a widely used Auerswald phone system (see also the advisory and CVE-2021-40859). We will describe the methodology used to find the backdoor by examining the …
Phishing attacks impersonate Pfizer in fake requests for quotation https://www.bleepingcomputer.com/news/security/phishing-attacks-impersonate-pfizer-in-fake-requests-for-quotation/
BleepingComputer
Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims.
Android Application Testing Using Windows 11 and Windows Subsystem for Android https://sensepost.com/blog/2021/android-application-testing-using-windows-11-and-windows-subsystem-for-android/
DNS Security, Part I: Basic DNS https://educatedguesswork.org/posts/dns-security/
Hook Heaps and Live Free https://www.cyberark.com/resources/threat-research-blog/hook-heaps-and-live-free
Cyberark
Hook Heaps and Live Free
I wanted to write this blog post to talk a bit about Cobalt Strike, function hooking and the Windows heap. We will be targeting BeaconEye (https://github.com/CCob/BeaconEye) as our detection tool...
Hunting for samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation (CVE-2021–42287) https://medium.com/@mvelazco/hunting-for-samaccountname-spoofing-cve-2021-42287-and-domain-controller-impersonation-f704513c8a45
Medium
Hunting for samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation…
Background
MS Teams: 1 feature, 4 vulnerabilities https://positive.security/blog/ms-teams-1-feature-4-vulns
positive.security
MS Teams: 1 feature, 4 vulnerabilities | Positive Security
Microsoft Teams' link preview feature is susceptible to spoofing and vulnerable to Server-Side Request Forgery. Teams' Android users can be DoS'ed and, in the past, their IP address could be leaked.
Establishing the TigerRAT and TigerDownloader malware families https://threatray.com/blog/establishing-the-tigerrat-and-tigerdownloader-malware-families/
Threatray
Establishing the TigerRAT and TigerDownloader malware families | Threatray
Recent research by Malwarebytes (April 2021), Kaspersky (June 2021) and the Korean CERT (September 2021), reports about attacks on South Korean entities, employing new techniques and malware not previously identified.