Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/
[UPDATE] On February 4, 2022, Zimbra provided an update regarding this zero-day exploit vulnerability and reported that a hotfix for 8.8.15 P30 would be available on February 5, 2022. This vulnerability […]
Reversing NodeJS malware, part 2: Analysing the source code https://itnext.io/reversing-nodejs-malware-part-2-analysing-the-source-code-a31c316ff4f
Following my last article about a Discord malware, we now take a deeper look inside the inner workings of the PirateStealer malware.
A detailed analysis of Lazarus APT malware disguised as Notepad++ Shell Extension https://cybergeeks.tech/a-detailed-analysis-of-lazarus-malware-disguised-as-notepad-shell-extension/
I’m bringing relaying back: A comprehensive guide on relaying anno 2022 https://www.trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022
As a result, I was forced to create the lab offline. The lab architecture looks as follows: Our lab contains three (3) servers in one (1) domain…
Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397) https://0xkasper.com/articles/moodle-sql-injection-broken-access-control.html
MMU Virtualization via Intel EPT: Implementation – Part 1 https://revers.engineering/mmu-virtualization-impl-p1/
The first implementation-heavy article covering the details of x86 paging, MTRR configuration, VPID/PCID, and initializing an EPT hierarchy.
Deserves a look » SHA-256 explained step-by-step visually https://sha256algorithm.com/
Sha256 algorithm explained online step by step visually
Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution https://www.samba.org/samba/security/CVE-2021-44142.html
CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
Recently, Samba released a patch to address an Out-of-Bounds (OOB) Heap Read/Write vulnerability found in Samba versions prior to 4.13.17. This vulnerability was disclosed at Pwn2Own Austin 2021 by Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) and Billy Jheng…
Dice CTF Memory Hole: Breaking V8 Heap Sandbox https://mem2019.github.io/jekyll/update/2022/02/06/DiceCTF-Memory-Hole.html
Codex Exposed: Helping Hackers in Training? https://www.trendmicro.com/en_ae/research/22/a/codex-exposed-helping-hackers-in-training.html
Silly proof of concept: Anti-phishing using perceptual hashing algorithms https://www.anvilsecure.com/blog/silly-proof-of-concept-anti-phishing-using-perceptual-hashing-algorithms.html
by Diego Freijo Welcome to the first dispatch coming out of the Ministry of Silly Ideas! It’s a space we’ve got inside Anvil where we encourage ourselves to come up with interesting-even-if-sounding-silly-at-first-glance ideas around security or IT in general.…
Invisible Sandbox Evasion https://research.checkpoint.com/2022/invisible-cuckoo-cape-sandbox-evasion/
Cuckoo and CAPE sandbox evasion in one legitimate Windows API function call? It is possible due to issues we found in Cuckoo and CAPE monitor.
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999) https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
In this blog post, we’ll look at a Windows Print Spooler local privilege escalation vulnerability that I found and…
Nice summary for forensics » Volatility MindMap & CheatSheet https://github.com/HellishPn/Volatility-MM-CS
RegEx Library - a curated list of useful regular expressions for different programming languages https://uibakery.io/regex-library