THCon 2k22 CTF – “Local Card Maker” Writeup https://lewin.co.il/thcon-2k22-ctf-local-card-maker-writeup/
Guy Lewin’s Blog
THCon 2k22 CTF - “Local Card Maker” Writeup
I participated in THCon 2k22 CTF and amongst the incredible “web” challenges - my favorite was “Local Card Maker” (made by jrjgjk). In this post I’ll describe the challenge and my step-by-step solution.
Implementing Global Injection and Hooking in Windows https://m417z.com/Implementing-Global-Injection-and-Hooking-in-Windows/
M417Z
Implementing Global Injection and Hooking in Windows
A couple of weeks ago, Windhawk, the customization marketplace for Windows programs, was released. You can read the announcement for more details and for the motivation behind creating it. In this post, I’ll focus on my journey in implementing the technical…
A blueprint for evading industry leading endpoint protection in 2022 https://vanmieghem.io/blueprint-for-evading-edr-in-2022/
Vincent Van Mieghem
A blueprint for evading industry leading endpoint protection in 2022
Bypassing CrowdStrike and Microsoft Defender for Endpoint
CVE-2022-26809: Remote Procedure Call Runtime Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
Tough Times for Ukrainian Honeypot? https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/tough-times-for-ukrainian-honeypot/
Trustwave
Tough Times for Ukrainian Honeypot?
I’ve always been fascinated by wireless communications. The ability to launch seemingly invisible packets of information up into the air without even the need to consider aerodynamics itself seems like some kind of magic.
CVE-2022-21449: Psychic Signatures in Java
https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/
https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/
Neil Madden
CVE-2022-21449: Psychic Signatures in Java
The long-running BBC sci-fi show Doctor Who has a recurring plot device where the Doctor manages to get out of trouble by showing an identity card which is actually completely blank. Of course, thi…
Investigating an engineering workstation – Part 2
https://blog.nviso.eu/2022/03/30/investigating-an-engineering-workstation-part-2/
https://blog.nviso.eu/2022/03/30/investigating-an-engineering-workstation-part-2/
NVISO Labs
Investigating an engineering workstation – Part 2
In this second post we will focus on specific evidence written by the TIA Portal. As you might remember, in the first part we covered standard Windows-based artefacts regarding execution of the TIA…
Hacker forged Windows 11 upgrade website to trick users to download the virus https://securityonline.info/hacker-forged-windows-11-upgrade-website-to-trick-users-to-download-the-virus/
Cybersecurity News
Hacker forged Windows 11 upgrade website to trick users to download the virus
network security company, CloudSEK has found in their daily monitoring that there are fake Windows 11 upgrade websites
Teaching Burp a new HTTP Transport Encoding https://www.pentagrid.ch/en/blog/teaching_burp_a_new_http_transport_encoding/
Pentagrid AG
Teaching Burp a new HTTP Transport Encoding
WSO2 RCE (CVE-2022-29464) exploit and writeup https://github.com/hakivvi/CVE-2022-29464
GitHub
GitHub - hakivvi/CVE-2022-29464: WSO2 RCE (CVE-2022-29464) exploit and writeup.
WSO2 RCE (CVE-2022-29464) exploit and writeup. Contribute to hakivvi/CVE-2022-29464 development by creating an account on GitHub.
Writing a Wireshark dissector to parse data embedded in ICMP headers https://medium.com/@kevin.massey1189/writing-a-wireshark-dissector-to-parse-data-embedded-in-icmp-headers-1f039cd4072d
Medium
Writing a Wireshark dissector to parse data embedded in ICMP headers
I recently spent some time repurposing fields in ICMP headers in order to do a basic file transfer. I decided to use the code, ID, and…
What Is Peppering in Password Security and How Does It Work? https://www.makeuseof.com/what-is-peppering-how-does-it-work/
MUO
What Is Peppering in Password Security and How Does It Work?
You've probably heard about salting passwords, but a further technique, peppering, makes them even more secure. Here's how.
Static unpacker and decoder for Hello Kitty Packer https://medium.com/proferosec-osm/static-unpacker-and-decoder-for-hello-kitty-packer-91a3e8844cb7
Medium
Static unpacker and decoder for Hello Kitty Packer
During a recent incident response engagement, the Profero IR team observed a sample of Hello Kitty ransomware. This version of ransomware…
Remote Code Execution via VirusTotal Platform https://www.cysrc.com/blog/virus-total-blog/
Cysrc
CySource Cyber Workforce Development Platform
Continuously train and measure your entire workforce
Making Your Neural Network Say “I Don’t Know” — Bayesian NNs using Pyro and PyTorch https://towardsdatascience.com/making-your-neural-network-say-i-dont-know-bayesian-nns-using-pyro-and-pytorch-b1c24e6ab8cd
Medium
Making Your Neural Network Say “I Don’t Know” — Bayesian NNs using Pyro and PyTorch
A tutorial + code on writing a bayesian image classifier on MNIST dataset.
DFSpot-Deepfake-Recognition: Determine whether a given video sequence has been manipulated or synthetically generated https://github.com/chinmaynehate/DFSpot-Deepfake-Recognition
GitHub
GitHub - chinmaynehate/DFSpot-Deepfake-Recognition: Determine whether a given video sequence has been manipulated or synthetically…
Determine whether a given video sequence has been manipulated or synthetically generated - chinmaynehate/DFSpot-Deepfake-Recognition