SATCOM terminals under attack in Europe: a plausible analysis https://www.reversemode.com/2022/03/satcom-terminals-under-attack-in-europe.html
Reversemode
SATCOM terminals under attack in Europe: a plausible analysis.
------ Update 03/12/2022 Reuters has published new information on this incident, which initially matches the proposed scenario. You can find...
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1) https://connormcgarr.github.io/type-confusion-part-1/
Connor McGarr’s Blog
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1)
End-to-end ‘modern’ browser exploitation on Windows beginning with configuring a browser exploitation environment, exploring JavaScript intrinsics, and understanding type confusion vulnerabilities.
Good presentation at the last BlueHat IL 2022 » "Compilers: The Old New Security Frontier" https://grsecurity.net/Compilers_The_Old_New_Security_Frontier_BlueHat_IL_2022.pdf
2022-02-23 - TRAFFIC ANALYSIS EXERCISE - SUNNYSTATION https://www.malware-traffic-analysis.net/2022/02/23/index.html
[BugTales] Exploiting CSN.1 Bugs in MediaTek Basebands https://labs.taszk.io/articles/post/mtk_baseband_csn1_exploitation/
labs.taszk.io
[BugTales] Exploiting CSN.1 Bugs in MediaTek Basebands
Investigating exploitable remote code execution vulnerabilities in the MediaTek baseband
Good old memories come to my mind... :) » The original source code of Microsoft GW-BASIC from 1983 » https://github.com/microsoft/GW-BASIC
GitHub
GitHub - microsoft/GW-BASIC: The original source code of Microsoft GW-BASIC from 1983
The original source code of Microsoft GW-BASIC from 1983 - microsoft/GW-BASIC
How expensive is PssCaptureSnapshot? How fast is it? How much memory does it consume? https://devblogs.microsoft.com/oldnewthing/20220314-00/?p=106346
The Old New Thing
How expensive is PssCaptureSnapshot? How fast is it? How much memory does it consume?
Think of it as a copy-on-write copy, like the Volume Snapshot Service.
Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847) https://redhuntlabs.com/blog/the-dirty-pipe-vulnerability.html
RedHunt Labs
Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847) - RedHunt Labs
CVE-2022-0847, dubbed "Dirty Pipe", is a privilege escalation vulnerability in the Linux kernel. We demonstrate the vulnerability and analyze it in depth.
The Discovery and Exploitation of CVE-2022-25636 https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
nickgregory.me
The Discovery and Exploitation of CVE-2022-25636 · Nick Gregory
Security research, programming, and more.
Exploring the archived APKs powering Android’s new app archiving feature https://blog.esper.io/android-dessert-bites-16-app-archiving-857169/
www.esper.io
Exploring the Archived APKs Powering Android’s New App Archiving Feature
Android's new app archiving feature can save loads of storage space thanks to a new archived APK file. Here's how it all works.
Reversing Common Obfuscation Techniques https://ferib.dev/blog.php?l=post/Reversing_Common_Obfuscation_Techniques&t=t
CVE-2022-0847 Vulnerability in Linux Kernel Can Be Used To Root Android https://securityonline.info/dirty-pipe-vulnerability-in-linux-kernel-can-be-used-to-root-android/
Cybersecurity News
CVE-2022-0847 Vulnerability in Linux Kernel Can Be Used To Root Android
CVE-2022-0847 has been used to successfully gain root privileges on Google Pixel 6 Pro and Samsung Galaxy S22 running the latest Android version
CVE-2022-0847 aka Dirty Pipe vulnerability in Linux kernel https://securelist.com/cve-2022-0847-aka-dirty-pipe-vulnerability-in-linux-kernel/106088
Securelist
Notes on CVE-2022-0847 (Dirty Pipe) vulnerability
Exploit for CVE-2022-0847 (Dirty Pipe) vulnerability in Linux kernel is available online. Kaspersky solutions detect and prevent exploitation attempts.
🤔🤔 » "If you want cyber peace, prepare for cyber war" https://www.afr.com/technology/if-you-want-cyber-peace-prepare-for-cyber-war-20220311-p5a3tq
Australian Financial Review
If you want cyber peace, prepare for cyber war
When it comes to cyber-disruption, the Russians are undisputed masters; not least because they’ve had a lot of practice over the past decade.
In 2015, the Russian hacking group Sandworm turned out the lights in Western Ukraine in the first ever power outage…
NSA, CISA release Kubernetes Hardening Guidance https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/
National Security Agency/Central Security Service
NSA, CISA release Kubernetes Hardening Guidance
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure https://www.microsoft.com/security/blog/2022/03/16/uncovering-trickbots-use-of-iot-devices-in-command-and-control-infrastructure/
Microsoft News
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
The Microsoft Defender for IoT research team has recently discovered the exact method through which MikroTik devices are used in Trickbot’s C2 infrastructure. In this blog, we share the analysis of this method and provide insights on how attackers gain access…
Anatomy of the Process Environment Block (PEB) (Windows Internals) https://ntopcode.wordpress.com/2018/02/26/anatomy-of-the-process-environment-block-peb-windows-internals/
Opcode
Anatomy of the Process Environment Block (PEB) (Windows Internals)
The Process Environment Block (PEB) is a wonderful thing, and I’d be lying if I told you that I didn’t love it. It has been present in Windows since the introduction of the Win2k (Windows 2000) and…
CVE-2022-25636: heap out-of-bounds write, related to nf_tables_offload https://github.com/Bonfee/CVE-2022-25636
GitHub
GitHub - Bonfee/CVE-2022-25636: CVE-2022-25636
CVE-2022-25636. Contribute to Bonfee/CVE-2022-25636 development by creating an account on GitHub.