Osinteye - Username Enumeration And Reconnaissance Suite https://www.kitploit.com/2022/04/osinteye-username-enumeration-and.html
KitPloit - PenTest & Hacking Tools
Osinteye - Username Enumeration And Reconnaissance Suite
NahamCon CTF 2022 Write-up: Click Me! Android challenge https://infosecwriteups.com/nahamcon-ctf-2022-write-up-click-me-android-challenge-63ccba7cb663
Medium
NahamCon CTF 2022 Write-up: Click Me! Android challenge
NahamSec, John Hammond & a few other folks hosted a CTF this weekend. I solved Android challenges, the challenges were really fun. I decided…
Analysis on recent wiper attacks: examples and how wiper malware works https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works
LevelBlue
Analysis on recent wiper attacks: examples and how wiper…
Executive summary: 2022 has experienced an increase in the number of wiper variants targeting Ukrainian entities. This blog post looks to explain how wipers work, what makes them so effective and provides a short overview of the most recent samples that appeared…
Ngrok Threat Hunting: Detect Hackers at the End of the Tunnel https://www.socinvestigation.com/ngrok-threat-hunting-detect-hackers-at-the-end-of-the-tunnel/
Security Investigation - Be the first to investigate
Ngrok Threat Hunting: Detect Hackers at the End of the Tunnel - Security Investigation
What is Ngrok? Ngrok is a program that allows you to access your private systems that are behind NAT or a firewall from the outside (internet). It's an encrypted TCP tunnel that provides an address that anyone can access from the internet, and then connects…
Nice webpage! » Malvuln: Finding and exploiting vulnerable Malware. https://www.malvuln.com/
Malvuln
Malvuln – Malware Vulnerability Research & Exploits Database
Unique source for malware vulnerability research, exploits, and threat intelligence. Track security flaws in malware and C2 infrastructure.
Outlets tricked by 7-zip CVE-2022-29072 hoax https://docs.google.com/document/d/1uZaoOTRNL9DweLNZPIX4Qz2PbwjJ5BkU-sDg2ojur7M/edit
Google Docs
Outlets tricked by 7-zip CVE-2022-29072 hoax
On April 15, 2022, @kagancapar posted a hoax vulnerability as CVE-2022-29072 in 7-zip. While not even a plausible description or demonstration of a vulnerability, multiple people were tricked by it. Let’s see who was tricked, and if they have made any updates…
Ret2dl_resolve x64: Exploiting Dynamic Linking Procedure In x64 ELF Binaries https://syst3mfailure.io/ret2dl_resolve
ret2dl_resolve x64: Exploiting Dynamic Linking Procedure In x64 ELF Binaries
In this article, we will start by analyzing the lazy binding process, proceed to dissect dl-runtime, understand when it is possible to use this technique without a leak, and finally build our exploit.
Competing in Pwn2Own 2021 Austin: Icarus at the Zenith https://doar-e.github.io/blog/2022/03/26/competing-in-pwn2own-2021-austin-icarus-at-the-zenith/
doar-e.github.io
Competing in Pwn2Own 2021 Austin: Icarus at the Zenith
Sandboxing Antimalware Products for Fun and Profit https://elastic.github.io/security-research/whitepapers/2022/02/02.sandboxing-antimalware-products-for-fun-and-profit/article/#
Advisory: DotCMS Remote Code Execution (CVE-2022-26352) https://blog.assetnote.io/2022/05/03/dotcms-rce-advisory/
Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/stormous-the-pro-russian-clout-hungry-ransomware-gang-targets-the-us-and-ukraine/
Trustwave
Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine | Trustwave
As part of our regular Dark Web and cybercriminal research, Trustwave SpiderLabs has uncovered and analyzed postings from a politically motivated, pro-Russian ransomware group named Stormous.
Outlier Detection Techniques https://archive.siam.org/meetings/sdm10/tutorial3.pdf
Hacking a Bank by Finding a 0day in DotCMS https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/
iBoot_firebloom: Introduction to Firebloom (iBoot) https://saaramar.github.io/iBoot_firebloom/
The curious case of mavinject.exe https://fourcore.io/blogs/mavinject-curious-process-injection
FourCore
The curious case of mavinject.exe
Mavinject, described as Microsoft Application Visualisation Injector, is a signed Microsoft executable that can be abused to perform arbitrary code injections inside any running process.
A Deep Dive into AvosLocker Ransomware https://cdn.pathfactory.com/assets/10555/contents/400686/13f4424c-05b4-46db-bb9c-6bf9b5436ec4.pdf
Android 13’s new sideloading restriction makes it harder for malware to abuse Accessibility APIs https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell https://www.trendmicro.com/en_us/research/22/e/avoslocker-ransomware-variant-abuses-driver-file-to-disable-anti-Virus-scans-log4shell.html
Trend Micro
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions.
A guide covering Digital Forensics (DF): the applications, libraries and tools that will make you better and more efficient at DF development https://github.com/mikeroyal/Digital-Forensics-Guide
GitHub
GitHub - mikeroyal/Digital-Forensics-Guide: Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile…
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. - mikeroyal/Digital-Forensics-Guide