Researchers created a PoC exploit for Safari CVE-2022-26717 bug https://securityonline.info/researchers-created-a-poc-exploit-for-safari-cve-2022-26717-bug/
Cybersecurity News
Theori researchers have created a working PoC exploit for the recently patched CVE-2022-26717 vulnerability affecting Apple Safari.
National bank hit by ransomware trolls hackers with dick pics https://www.bleepingcomputer.com/news/security/national-bank-hit-by-ransomware-trolls-hackers-with-dick-pics/
BleepingComputer
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination).
SEO Poisoning – A Gootloader Story https://thedfirreport.com/2022/05/09/seo-poisoning-a-gootloader-story/
The DFIR Report
In early February 2022, we witnessed an intrusion employing Gootloader (aka GootKit) as the initial access vector. The intrusion lasted two days and comprised discovery, persistence, lateral moveme…
When eBPF meets TLS! A Security Focused Introduction to eBPF https://github.com/quarkslab/conf-presentations/blob/master/CanSecWest-2022/When%20eBPF%20meets%20TLS.pdf
Faster CRC32 on the Apple M1 https://dougallj.wordpress.com/2022/05/22/faster-crc32-on-the-apple-m1/
dougallj
CRC32 is a checksum first proposed in 1961, and now used in a wide variety of performance sensitive contexts, from file formats (zip, png, gzip) to filesystems (ext4, btrfs) and protocols (like eth…
BinAbsInspector: Vulnerability Scanner for Binaries https://securityonline.info/binabsinspector-vulnerability-scanner-for-binaries/
Penetration Testing
Binary Abstract Inspector is a static analyzer for automated reverse engineering and scanning for vulnerabilities in binaries.
CVE-2022-25237: Bonitasoft Authorization Bypass and RCE https://rhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/
Rhino Security Labs
Bonita Web 2021.2 is affected by an authentication/authorization bypass vulnerability in the API authorization filters.
Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG https://a13xp0p0v.github.io/2021/08/25/lkrg-bypass.html
Alexander Popov
This is the follow-up to my research described in the article "Four Bytes of Power: Exploiting CVE-2021-26708 in the Linux kernel." My PoC exploit for CVE-2021-26708 had a very limited facility for privilege escalation, and I decided to continue my experiments…
Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware https://threatresearch.ext.hp.com/tips-for-automating-ioc-extraction-from-gootloader-a-changing-javascript-malware/
HP Wolf Security
How Secure is your Android Keystore Authentication? https://labs.withsecure.com/blog/how-secure-is-your-android-keystore-authentication/
New Research Paper: Pre-hijacking Attacks on Web User Accounts https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/
Beneath the surface: Uncovering the shift in web skimming https://www.microsoft.com/security/blog/2022/05/23/beneath-the-surface-uncovering-the-shift-in-web-skimming/
Microsoft Security Blog
Web skimming campaigns now employ various obfuscation techniques to deliver and hide the skimming scripts. It’s a shift from earlier tactics where attackers conspicuously injected the malicious scripts into e-commerce platforms and content management systems…
Follina — a Microsoft Office code execution vulnerability https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
Medium
Two days ago, Nao_sec identified an odd looking Word document in the wild, uploaded from an IP address in Belarus:
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG https://connormcgarr.github.io/hvci/
Connor McGarr’s Blog
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
Good summary about how IPv6 works https://repository.jisc.ac.uk/8349/1/janet-ipv6-technical-guide.pdf
Pwnton Pack: An Unlicensed 802.11 Particle Accelerator https://www.trustedsec.com/blog/pwnton-pack-an-unlicensed-802-11-particle-accelerator/
TrustedSec
Unleash the Power of Wi-Fi Bustin' with the Pwnton Pack, a cutting-edge wireless assessment tool featuring integrated devices and a proprietary micro…
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass) https://blog.assetnote.io/2022/05/27/understanding-cve-2022-22972-vmware-workspace-one-access/
Assetnote
Application security issues found by Assetnote
Zero Day Vulnerability: Chromium v8 js engine issue 1303458 — Use After Free in x64 Instruction Optimization Vulnerability Analysis https://infosecwriteups.com/zero-day-vulnerability-chromium-v8-js-engine-issue-1303458-use-after-free-in-x64-instruction-e874419436a6
Medium
Frida-Ios-Hook - A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values Of Methods On iOS Platform https://www.kitploit.com/2022/05/frida-ios-hook-tool-that-helps-you-easy.html
KitPloit - PenTest & Hacking Tools