COM asynchronous interfaces, part 8: Asynchronous release, the problems https://devblogs.microsoft.com/oldnewthing/20220223-00/?p=106282
The Old New Thing
COM asynchronous interfaces, part 8: Asynchronous release, the problems
If you don't need something any more, then you usually don't really care when it gets taken away.
How to Decrypt the Files Encrypted by the Hive Ransomware https://lifars.com/2022/02/how-to-decrypt-the-files-encrypted-by-the-hive-ransomware/
LIFARS, a SecurityScorecard company
How to Decrypt the Files Encrypted by the Hive Ransomware
South Korean researchers published an academic paper that presents a method to decrypt the files encrypted by the Hive Ransomware.
A tale of EDR bypass methods https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
s3cur3th1ssh1t.github.io
A tale of EDR bypass methods | S3cur3Th1sSh1t
In a time full of ransomware as well as Advanced Persistent Threat (APT) incidents the importance of detecting those attacking groups has become increasingly...
ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref https://www.zerodayinitiative.com/blog/2021/1/27/zdi-can-12671-windows-kernel-dosprivilege-escalation-via-a-null-pointer-deref
Zero Day Initiative
Zero Day Initiative — ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref
You can find me on Twitter at @HexKitchen, and follow the team for the latest in exploit techniques and security patches.
We have a new PhD on the team! Congratulations to Dr. Martín-Pérez, good luck and much success in the future! 👨🎓👏👏👏 https://twitter.com/RicardoJRdez/status/1506959040051564545
Twitter
Ricardo J. Rodríguez
Last Tuesday Miguel Martín-Pérez successfully defended his doctoral thesis entitled "Effectiveness of Similarity Digest Algorithms for Binary Code Similarity in Memory Forensic Analysis". Congratulations Miguel for having come this far successfully and completing…
A Method for Decrypting Data Infected with Hive Ransomware https://arxiv.org/pdf/2202.08477.pdf
Exploiting CVE-2021-26708 (Linux kernel) with sshd https://hardenedvault.net/2022/03/01/poc-cve-2021-26708.html
webOS Revisited - Even More Mistaken Identities https://blog.recurity-labs.com/2022-03-02/webOS_Pt2.html
Litefuzz - A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers https://www.kitploit.com/2022/03/litefuzz-multi-platform-fuzzer-for.html
KitPloit - PenTest & Hacking Tools
Litefuzz - A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers
Ukrainian Researcher Leaks Conti Ransomware Gang Data https://www.databreachtoday.com/ukrainian-researcher-leaks-conti-ransomware-gang-data-a-18620
Databreachtoday
Ukrainian Researcher Leaks Conti Ransomware Gang Data
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store https://blog.fox-it.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/
Fox-IT International blog
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Authors: Alberto Segura, Malware analyst; Rolf Govers, Malware analyst & Forensic IT Expert. NCC Group, as well as many other researchers noticed a rise in Android malware last year, especially An…
Conti Ransomware Group Diaries, Part I: Evasion https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-i-evasion/
Why Am I Getting All These Notifications on my Phone? https://www.mcafee.com/blogs/other-blogs/mcafee-labs/why-am-i-getting-all-these-notifications-on-my-phone/
McAfee Blog
Why Am I Getting All These Notifications on my Phone? | McAfee Blog
Learn more about the Chrome notifications on Android mobile devices such as phones and tablets, and how McAfee Mobile Security protects users from malicious sites leveraging these notifications.
Abusing Kerberos Constrained Delegation without Protocol Transition https://snovvcrash.rocks/2022/03/06/abusing-kcd-without-protocol-transition.html
Escaping privileged containers for fun https://pwning.systems/posts/escaping-containers-for-fun/
pwning.systems
Escaping privileged containers for fun
Despite the fact that it is not a 'real' vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really…
CVE-2022-22947: SpEL Casting and Evil Beans https://wya.pl/2022/02/26/cve-2022-22947-spel-casting-and-evil-beans/
epagneul v0.4.1 releases: visualize and investigate windows event logs https://securityonline.info/epagneul-visualize-and-investigate-windows-event-logs/
Optimizing a smart contract fuzzer https://blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/
The Trail of Bits Blog
Optimizing a smart contract fuzzer
During my winternship, I applied code analysis tools, such as GHC’s Haskell profiler, to improve the efficiency of the Echidna smart contract fuzzer. As a result, Echidna is now over six times faster! Echidna overview To use Echidna, users provide smart contracts…
Do you want to know what things can be recovered from memory in Telegram Desktop? Take a look at our latest post, a contribution from Pedro Fernández-Álvarez, member of our research team https://reversea.me/index.php/recovering-data-from-the-memory-of-telegram-desktop-and-other-im-applications/
It is a brief summary of our work that will be presented tomorrow at DFRWS EU 2022 by Pedro. You can now read our full article at https://doi.org/10.1016/j.fsidi.2022.301342, enjoy the reading! :)