Killnet cyber attacks against Italy and NATO countries https://sysdig.com/blog/killnet-italy-and-nato/
Sysdig
Killnet cyber attacks against Italy and NATO countries | Sysdig
The hacker group Killnet claimed the attacks against Italy. How to detect the activity of the Mirai botnet they used, with Falco
Operation RestyLink: APT campaign targeting Japanese companies https://insight-jp.nttsecurity.com/post/102hojk/operation-restylink-apt-campaign-targeting-japanese-companies
Exploiting an Unbounded memcpy in Parallels Desktop: A Pwn2Own 2021 Guest-to-Host Virtualization Escape https://blog.ret2.io/2022/05/19/pwn2own-2021-parallels-desktop-exploit/
RET2 Systems Blog
Exploiting an Unbounded memcpy in Parallels Desktop
This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...
Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis https://notes.netbytesec.com/2022/05/scam-and-malicious-apk-targeting.html
Netbytesec
Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis
This post was authored by Taqi and Rosamira
Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups https://www.advintel.io/post/hydra-with-three-heads-blackbyte-the-future-of-ransomware-subsidiary-groups
Grafiki - Threat Hunting Tool About Sysmon And Graphs https://www.kitploit.com/2022/05/grafiki-threat-hunting-tool-about.html
KitPloit - PenTest & Hacking Tools
Grafiki - Threat Hunting Tool About Sysmon And Graphs
A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis https://security.humanativaspa.it/a-journey-into-iot-unknown-chinese-alarm-part-2-firmware-dump-and-analysis/
hn security
A journey into IoT - Unknown Chinese alarm - Part 2 - Firmware dump and analysis - hn security
Disclaimer: as many other security researchers […]
Bits & Signals: Qatar International Cybersecurity Competition https://arush15june.github.io/posts/2019-24-11-hacking-qatar/
Bits & Signals: Qatar International Cybersecurity Competition
Bits & Signals: Qatar International Cybersecurity Competition :: silly onions — Opinionated articles
TL;DR: Al Capwn goes international! We won the second prize hacking hardware with our $15 (1000 INR) SDR and Logic Analyzer in Doha, Qatar! In October 2019, members of Al Capwn flew from New Delhi, India to Doha, Qatar to attend Qatar International Cybersecurity…
Metastealer – filling the Racoon void https://research.nccgroup.com/2022/05/20/metastealer-filling-the-racoon-void/
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
Researchers created a PoC exploit for Safari CVE-2022-26717 bug https://securityonline.info/researchers-created-a-poc-exploit-for-safari-cve-2022-26717-bug/
Cybersecurity News
Researchers created a PoC exploit for Safari CVE-2022-26717 bug
Theori researchers have created a working PoC exploit for the recently patched CVE-2022-26717 vulnerability affecting Apple's Safari browser.
National bank hit by ransomware trolls hackers with dick pics https://www.bleepingcomputer.com/news/security/national-bank-hit-by-ransomware-trolls-hackers-with-dick-pics/
BleepingComputer
National bank hit by ransomware trolls hackers with dick pics
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination).
SEO Poisoning – A Gootloader Story https://thedfirreport.com/2022/05/09/seo-poisoning-a-gootloader-story/
The DFIR Report
SEO Poisoning – A Gootloader Story
In early February 2022, we witnessed an intrusion employing Gootloader (aka GootKit) as the initial access vector. The intrusion lasted two days and comprised discovery, persistence, lateral moveme…
When eBPF meets TLS! A Security Focused Introduction to eBPF https://github.com/quarkslab/conf-presentations/blob/master/CanSecWest-2022/When%20eBPF%20meets%20TLS.pdf
Faster CRC32 on the Apple M1 https://dougallj.wordpress.com/2022/05/22/faster-crc32-on-the-apple-m1/
dougallj
Faster CRC32 on the Apple M1
CRC32 is a checksum first proposed in 1961, and now used in a wide variety of performance-sensitive contexts, from file formats (zip, png, gzip) to filesystems (ext4, btrfs) and protocols (like eth…
BinAbsInspector: Vulnerability Scanner for Binaries https://securityonline.info/binabsinspector-vulnerability-scanner-for-binaries/
Penetration Testing
BinAbsInspector: Vulnerability Scanner for Binaries • Penetration Testing
Binary Abstract Inspector is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries
CVE-2022-25237: Bonitasoft Authorization Bypass and RCE https://rhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/
Rhino Security Labs
CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
Bonita Web 2021.2 is affected by an authentication/authorization bypass vulnerability in the API authorization filters.
Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG https://a13xp0p0v.github.io/2021/08/25/lkrg-bypass.html
Alexander Popov
Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG
This is the follow-up to my research described in the article "Four Bytes of Power: Exploiting CVE-2021-26708 in the Linux kernel." My PoC exploit for CVE-2021-26708 had a very limited facility for privilege escalation, and I decided to continue my experiments…
Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware https://threatresearch.ext.hp.com/tips-for-automating-ioc-extraction-from-gootloader-a-changing-javascript-malware/
HP Wolf Security
Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware | HP Wolf Security
Don’t let cyber threats get the best of you. Read our post, Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware, to learn more about cyber threats and cyber security.