Zero Day Vulnerability: Chromium v8 js engine issue 1303458 — Use After Free in x64 Instruction Optimization Vulnerability Analysis https://infosecwriteups.com/zero-day-vulnerability-chromium-v8-js-engine-issue-1303458-use-after-free-in-x64-instruction-e874419436a6
Medium
Frida-Ios-Hook - A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values Of Methods On iOS Platform https://www.kitploit.com/2022/05/frida-ios-hook-tool-that-helps-you-easy.html
KitPloit - PenTest & Hacking Tools
The BlackByte ransomware group is striking users all over the globe https://blog.talosintelligence.com/2022/05/the-blackbyte-ransomware-group-is.html
Cisco Talos Blog
News summary
* Cisco Talos has been monitoring the BlackByte Ransomware Group for several months as it infects victims all over the world, from North America to Colombia, the Netherlands, China, Mexico and Vietnam.
* The FBI released a joint cybersecurity advisory…
Arbitrary File Upload Tricks In Java https://pyn3rd.github.io/2022/05/07/Arbitrary-File-Upload-Tricks-In-Java/
Pyn3Rd
0x01 Foreword
Recently I have seen some discussions about arbitrary file upload in Java environments on the Internet. The main talking points are how to bypass file name detection when uploading an arbitrary file.
High-Throughput, Formal-Methods-Assisted Fuzzing for LLVM https://blog.regehr.org/archives/2148
WarzoneRAT Can Now Evade Detection With Process Hollowing https://www.uptycs.com/blog/warzonerat-can-now-evade-with-process-hollowing
Uptycs
The Uptycs Threat Research Team has discovered new WarzoneRAT malware samples that implement process injection/hollowing to evade detection.
Scheduled Task Tampering https://labs.withsecure.com/blog/scheduled-task-tampering/
Issue 2272: libxml2: heap-buffer-overflow in xmlBufAdd https://bugs.chromium.org/p/project-zero/issues/detail?id=2272
Access Token Manipulation Part 0x01 https://xret2pwn.github.io/Access-Token-Part0x01/
RET2Pwn
DroidGuard: A Deep Dive into SafetyNet https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Romain Thomas
DroidGuard: A Deep Dive into SafetyNet | Romain Thomas
SafetyNet is the Android component developed by Google to verify devices' integrity. These checks are used by developers to prevent running applications on devices that would not meet security requirements, but it is also used by Google to prevent…
A Deep Dive into iOS Code Signing https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
Umang's Blog
Apple's code signing is a complex beast, consisting of several different components, each serving its own unique purpose. When I first started working on Meteorite [https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
Volexity
UPDATE: On June 3, 2022, Atlassian updated its security advisory with new information regarding a fix for Confluence Server and Data Center to address CVE-2022-26134. Users are encouraged to update immediately to […]
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LevelBlue
Executive summary LevelBlue Labs™ has been tracking a new IoT botnet dubbed “EnemyBot”, which is believed to be distributed by threat actor Keksec. During our investigations, LevelBlue Labs has discovered that EnemyBot is expanding its capabilities, exploiting…
New malware Campaign delivers Android RAT https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
Offensive Windows IPC Internals 1: Named Pipes https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
Is exploiting a null pointer deref for LPE just a pipe dream? https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream
Zero Day Initiative
A lot of blog posts I have read go over interesting vulnerabilities and exploits but do not typically share the process behind discovery. I want to show how sometimes just manually poking around can quickly uncover vulnerabilities you might miss with other…