Good report here, keep an eye on it! » Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities https://csrc.nist.gov/publications/detail/sp/800-218/final
NIST Special Publication (SP) 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating…
Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure that the software being developed is well-secured. This document…
ModifiedElephant APT and a Decade of Fabricating Evidence https://www.sentinelone.com/labs/modifiedelephant-apt-and-a-decade-of-fabricating-evidence/
A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.
What’s with the shared VBA code between Transparent Tribe and other threat actors? https://blog.talosintelligence.com/2022/02/whats-with-shared-vba-code.html
Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans (RATs). After a hunting session in our malware sample repositories and VirusTotal while looking…
How to become a Bug Bounty Hunter https://github.com/pen4uin/bug-bounty
Malware Analysis Series (MAS) – Article 2 https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/
The second article of MAS (Malware Analysis Series) is available for reading on: (link): I hope you like it and keep reversing! Have an excellent day. Alexandre Borges.
Dropping Files on a Domain Controller Using CVE-2021-43893 https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893/
How I accidentally found a huge data leak during a college lecture https://sijmen.ruwhof.net/weblog/937-how-i-accidentally-found-a-huge-data-leak-during-a-college-lecture
A walk through Project Zero metrics https://googleprojectzero.blogspot.com/2022/02/a-walk-through-project-zero-metrics.html
Posted by Ryan Schoen, Project Zero tl;dr In 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Projec...
Zabbix - A Case Study of Unsafe Session Storage https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
In this article we discuss the security of client-side session storages and analyze a vulnerable implementation in the IT monitoring solution Zabbix.
CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability Alert https://securityonline.info/cve-2022-24112-apache-apisix-remote-code-execution-vulnerability-alert/
Recently, Apache APISIX officially released a security bulletin, disclosing a remote code execution vulnerability (CVE-2022-24112)
Another Kernel TIPC Bug, MySQL, and Buggy Go https://dayzerosec.com/podcast/another-kernel-tipc-bug-mysql-and-buggy-go.html
This week we discuss taint analysis and where to use it compared with fuzzing, a couple buggy code patterns in Go to be on the lookout for, and another remote stack-overflow in the Kernel TIPC module.
A technique to semi-automatically discover new vulnerabilities in WordPress plugins https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html
How to semi-automatically find vulnerabilities in WordPress plugins installed on about 15 million websites.
Interesting report » DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/dosfuscation-report.pdf
Dynamically extracting the encryption key from a simple ransomware https://0x00sec.org/t/dynamically-extracting-the-encryption-key-from-a-simple-ransomware/28379
Recently I’ve played ransomware101 room in secdojo website where I was given a Windows box that has a flag encrypted by a ransomware, and I had to figure out the decryption key to recover it, the ransomware key generation function worked like the following:…
Good reading about the Morris worm (1988) » "Crisis and Aftermath" https://www.cs.cmu.edu/~dga/15-712/F14/papers//Spafford89.pdf
CVE-2022-0478 - WooCommerce Event-Manager Plugin SQL Injection https://castilho101.github.io/posts/cve-2022-0478-woocommerce-event-manager-plugin-sql-injection/
In this writeup, I will be going through how I found an Authenticated (sad) SQL Injection in the WooCommerce Event-Manager Wordpress Plugin. I will be going through the whole process, from the beginning of why I chose this plugin, to how a simple mistake…
Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2) https://research.nccgroup.com/2022/02/18/analyzing-a-pjl-directory-traversal-vulnerability-exploiting-the-lexmark-mc3224i-printer-part-2/