CVE-2021-38000: Chrome Intents Logic Flaw https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html
TOCTOU Vulnerability in Log4J 2.15 https://blog.h3xstream.com/2021/12/toctou-vulnerability-in-log4j-215.html
Log4J has been in the spotlight for the past two weeks for a new attack vector which relies on Java Naming and Directory Interface (JNDI). ...
[VULNCON 2021] - IPS https://blog.kylebot.net/2022/01/10/VULNCON-2021-IPS/
SQL Injection in Wordpress core (CVE-2022–21661) https://cognn.medium.com/sql-injection-in-wordpress-core-zdi-can-15541-a451c492897
Introduction
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk https://www.trendmicro.com/en_us/research/22/a/lorawans-protocol-stacks-the-forgotten-targets-at-risk.html
Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more https://www.cyberark.com/resources/threat-research-blog/attacking-rdp-from-inside
In this blog post we are going to discuss the details of a vulnerability in Windows Remote Desktop Services, which we recently uncovered. We reported the vulnerability to Microsoft in a...
Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected https://blog.malwarebytes.com/reports/2022/01/intercepting-2fa-over-1200-man-in-the-middle-phishing-toolkits-detected/
Evolved phishing toolkits that can intercept 2FA codes are called man-in-the-middle (MiTM) phishing kits. And they're growing in popularity.
Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/
Research by: Golan Cohen Introduction Last seen in August 2021, Zloader, a banking malware designed to steal user credentials and private information, is back with a simple yet sophisticated infection chain. Previous Zloader campaigns, which were seen in…
Patchwork APT caught in its own web https://blog.malwarebytes.com/threat-intelligence/2022/01/patchwork-apt-caught-in-its-own-web/
Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks…
Real-world Android Malware Analysis 1: eblagh.apk https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html
Intro
Best network protection systems with IDS/IPS https://blog.elhacker.net/2022/01/mejores-sistemas-para-proteger-red-intrusos-amenazas-sistema-ids-ips.html
Blog about computing, technology and security with manuals, tutorials and documentation on tools and programs
Wi-Fi Framework: creating PoC, automated experiments, test suites, fuzzers https://securityonline.info/wi-fi-framework-creating-poc-automated-experiments-test-suites-fuzzers-and-more/
Wi-Fi Framework can be used to create fuzzers, implement new attacks, create PoCs to test for vulnerabilities, automate experiments, implement test suites
TokyoX: DLL side-loading an unknown artifact (Part 2) https://lab52.io/blog/tokyox-dll-side-loading-an-unknown-artifact-part-2/
New SysJoker Backdoor Targets Windows, Linux, and macOS https://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker/
Malware targeting multiple operating systems has become no exception in the malware threat landscape. Vermilion Strike, which was documented just last September, is among the latest examples until now. In December 2021, we discovered a new multi-platform…
Active Directory Privilege Escalation (CVE-2021–42278) https://www.hackingarticles.in/active-directory-privilege-escalation-cve-2021-42278/
Windows Privilege Escalation: sAMAccountName Spoofing - Hacking Articles
This post discusses how CVE-2021-42278 allows potential attackers to gain high privileged user access (domain controllers Administrator level access) via a low privileged user (any
NightSky Ransomware – just a Rook RW fork in VMProtect suit https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering/blob/main/NightSky_Ransomware%E2%80%93just_a_Rook_RW_fork_in_VMProtect_suit/NightSky_Ransomware%E2%80%93just_a_Rook_RW_fork_in_VMProtect_suit.md
Some of my publicly available Malware analysis and Reverse engineering. - Dump-GUY/Malware-analysis-and-Reverse-engineering
Obfuscating Malicious, Macro-Enabled Word Docs https://depthsecurity.com/blog/obfuscating-malicious-macro-enabled-word-docs
Learn more about malicious word documents from the Depth Security team in this blog post. Depth Security provides an experienced take on the subject.
New contribution in @vxunderground, nice one » Playing around with COM objects - PART 1 by @T3nb3w https://papers.vx-underground.org/papers/VXUG/Mirrors/playing-around-com-objects-part-1.pdf