We Love Relaying Credentials: A Technical Guide to Relaying Credentials Everywhere https://www.secureauth.com/blog/we-love-relaying-credentials-a-technical-guide-to-relaying-credentials-everywhere/
SecureAuth
NTLM relay is a well-known technique that has been with us for many years and never seems to go away.
Technical Advisory – BLE Proximity Authentication Vulnerable to Relay Attacks
https://research.nccgroup.com/2022/05/15/technical-advisory-ble-proximity-authentication-vulnerable-to-relay-attacks/
HTB: Fulcrum https://0xdf.gitlab.io/2022/05/11/htb-fulcrum.html
0xdf hacks stuff
Fulcrum is a 2017 release that got a rebuild in 2022. It’s a Linux server with four websites, including one that returns Windows .NET error messages. I’ll exploit an API endpoint via XXE, and use that as an SSRF to get execution through a remote file include.…
Stealing Google Drive OAuth tokens from Dropbox https://blog.stazot.com/stealing-google-drive-oauth-tokens-from-dropbox/
Stazot
Sivanesh Ashok
Blog about bug bounty and infosec research
CVE-2022-22675: AppleAVD Overflow in AVC_RBSP::parseHRD https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-22675.html
Ransomware simulator: Ransomware simulator written in Golang https://securityonline.info/ransomware-simulator-ransomware-simulator-written-in-golang/
Cybersecurity News
The goal of Ransomware Simulator repository is to provide a simple, harmless way to check your AV's protection on ransomware.
Meta's SparkAR RCE Via ZIP Path Traversal https://blog.fadyothman.com/metas-sparkar/
Very good post, worth reading it » How Does a C Debugger Work? (GDB Ptrace/x86 example) https://blog.0x972.info/?d=2014/11/13/10/40/50-how-does-a-debugger-work
blog.0x972.info
How Does a C Debugger Work? (GDB Ptrace/x86 example) - (gdb) break *0x972
Debugging, GNU± Linux and WebHosting and ... and ...
Interesting paper for people in academia » "“Flawed, but like democracy we don’t have a better system”: The Experts’ Insights on the Peer Review Process of Evaluating Security Papers" (accepted in @IEEESSP) https://adamdoupe.com/publications/peer-review-process-oakland22.pdf
macOS Vulnerabilities Hiding in Plain Sight (BH Asia 2022 talk) https://www.blackhat.com/asia-22/briefings/schedule/#macos-vulnerabilities-hiding-in-plain-sight-26073
Blackhat
Black Hat Asia 2022
The downside of ‘debugging’ ransomware https://www.welivesecurity.com/2022/05/16/downside-debugging-ransomware/
Killnet cyber attacks against Italy and NATO countries https://sysdig.com/blog/killnet-italy-and-nato/
Sysdig
The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco
Operation RestyLink: APT campaign targeting Japanese companies https://insight-jp.nttsecurity.com/post/102hojk/operation-restylink-apt-campaign-targeting-japanese-companies
Exploiting an Unbounded memcpy in Parallels Desktop
A Pwn2Own 2021 Guest-to-Host Virtualization Escape https://blog.ret2.io/2022/05/19/pwn2own-2021-parallels-desktop-exploit/
RET2 Systems Blog
This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...
Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis https://notes.netbytesec.com/2022/05/scam-and-malicious-apk-targeting.html
Netbytesec
This post was authored by Taqi and Rosamira
Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups https://www.advintel.io/post/hydra-with-three-heads-blackbyte-the-future-of-ransomware-subsidiary-groups
Grafiki - Threat Hunting Tool About Sysmon And Graphs https://www.kitploit.com/2022/05/grafiki-threat-hunting-tool-about.html
KitPloit - PenTest & Hacking Tools
A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis https://security.humanativaspa.it/a-journey-into-iot-unknown-chinese-alarm-part-2-firmware-dump-and-analysis/
hn security
Disclaimer: as many other security researchers […]