SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts https://thehackernews.com/2022/01/sailfish-system-to-find-state.html
Emulating File I/O for In-Memory Fuzzing https://www.signal-labs.com/blog/emulating-fileio-fuzzing
Signal Labs
Using hooks & file I/O emulation to redirect disk I/O operations to memory, removing disk I/O & related syscalls during fuzzing (which also enables using snapshot-fuzzers that don't support disk I/O).
CVE-2021-22045: VMware Workstation, Fusion and ESXi heap-overflow vulnerability https://securityonline.info/cve-2021-22045-vmware-workstation-fusion-and-esxi-heap-overflow/
Cybersecurity News
VMware patches Workstation, Fusion, and ESXi to fix a heap-overflow security vulnerability. The vulnerability is tracked as CVE-2021-22045.
Nice write-up on a not-so-easy topic » How to exploit a double free vulnerability in 2021. 'Use After Free for Dummies' https://github.com/stong/how-to-exploit-a-double-free
GitHub
We are starting this week, thx to @catedra_TEF_UZ for the support! ♥️ Join us, folks! 👇👇👇 https://twitter.com/unizar/status/1488453925053222917?t=UZoVPplDcCDHhjBJAUS-GA&s=19
Twitter
Universidad Zaragoza
The @Telefonica-@unizar Chair, directed by @fernand0, and the #GrupoRME are creating the school of cybersecurity challenges (Escuela de #retos de #ciberseguridad) to boost university talent and capability. It starts on February 4 at @EINAunizar with more than 25 students.
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce/
Bill Demirkapi's Blog
In the middle of August 2021, a special Word document was uploaded to VirusTotal by a user from Argentina. Although it was only detected by a single antivirus engine at the time, this sample turned out to be exploiting a zero day vulnerability in Microsoft…
Shlyuz Implant Framework: Part 1 - Influences https://und3rf10w.github.io/posts/2022/01/08/shlyuz-1-influences.html
Und3rf10w
Overview: I’m excited to finally discuss and share the Proof-of-Concept code for an implant framework I wrote called Shlyuz (шлюз). Shlyuz takes a number of design cues from the Assassin Implant developed by the Central Intelligence Agency as described in…
garlicshare: Private and self-hosted file sharing over the Tor network written in golang https://github.com/R4yGM/garlicshare
GitHub
CVE-2021-38000: Chrome Intents Logic Flaw https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html
TOCTOU Vulnerability in Log4J 2.15 https://blog.h3xstream.com/2021/12/toctou-vulnerability-in-log4j-215.html
H3Xstream
Log4J has been in the spotlight for the past two weeks for a new attack vector which relies on Java Naming and Directory Interface (JNDI). ...
[VULNCON 2021] - IPS https://blog.kylebot.net/2022/01/10/VULNCON-2021-IPS/
SQL Injection in Wordpress core (CVE-2022–21661) https://cognn.medium.com/sql-injection-in-wordpress-core-zdi-can-15541-a451c492897
Medium
Introduction
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk https://www.trendmicro.com/en_us/research/22/a/lorawans-protocol-stacks-the-forgotten-targets-at-risk.html
Trend Micro
Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more https://www.cyberark.com/resources/threat-research-blog/attacking-rdp-from-inside
Cyberark
In this blog post we are going to discuss the details of a vulnerability in Windows Remote Desktop Services, which we recently uncovered. We reported the vulnerability to Microsoft in a...
Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected https://blog.malwarebytes.com/reports/2022/01/intercepting-2fa-over-1200-man-in-the-middle-phishing-toolkits-detected/
Malwarebytes Labs
Evolved phishing toolkits that can intercept 2FA codes are called man-in-the-middle (MiTM) phishing kits. And they're growing in popularity.
Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/
Check Point Research
Research by: Golan Cohen Introduction Last seen in August 2021, Zloader, a banking malware designed to steal user credentials and private information, is back with a simple yet sophisticated infection chain. Previous Zloader campaigns, which were seen in…
Patchwork APT caught in its own web https://blog.malwarebytes.com/threat-intelligence/2022/01/patchwork-apt-caught-in-its-own-web/
ThreatDown by Malwarebytes
Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks….