High-Throughput, Formal-Methods-Assisted Fuzzing for LLVM https://blog.regehr.org/archives/2148
WarzoneRAT Can Now Evade Detection With Process Hollowing https://www.uptycs.com/blog/warzonerat-can-now-evade-with-process-hollowing
Uptycs
WarzoneRAT Can Now Evade Detection With Process Hollowing
New discovery by the Uptycs Threat Research Team of WarzoneRAT malware samples and a Process Injection/Hollowing technique implementation that enables the bypass of detections.
Scheduled Task Tampering https://labs.withsecure.com/blog/scheduled-task-tampering/
Issue 2272: libxml2: heap-buffer-overflow in xmlBufAdd https://bugs.chromium.org/p/project-zero/issues/detail?id=2272
Access Token Manipulation Part 0x01 https://xret2pwn.github.io/Access-Token-Part0x01/
RET2Pwn
Access Token Manipulation Part 0x01
DroidGuard: A Deep Dive into SafetyNet https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Romain Thomas
DroidGuard: A Deep Dive into SafetyNet | Romain Thomas
SafetyNet is the Android component developed by Google to verify the devices' integrity. These checks
are used by the developers to prevent running applications on devices that would not meet security requirements
but it is also used by Google to prevent…
A Deep Dive into iOS Code Signing
https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
Umang's Blog
A Deep Dive into iOS Code Signing
Apple's code signing is a complex beast, consisting of several different
components, each serving its own unique purpose. When I first started working on
Meteorite
[https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
Volexity
Zero-Day Exploitation of Atlassian Confluence
UPDATE: On June 3, 2022, Atlassian updated its security advisory with new information regarding a fix for Confluence Server and Data Center to address CVE-2022-26134. Users are encouraged to update immediately to […]
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LevelBlue
Rapidly evolving IoT malware EnemyBot now targeting Content…
Executive summary LevelBlue Labs™ has been tracking a new IoT botnet dubbed “EnemyBot”, which is believed to be distributed by threat actor Keksec. During our investigations, LevelBlue Labs has discovered that EnemyBot is expanding its capabilities, exploiting…
New malware Campaign delivers Android RAT
https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
Offensive Windows IPC Internals 1: Named Pipes https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
Is exploiting a null pointer deref for LPE just a pipe dream? https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream
Zero Day Initiative
Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?
A lot of blog posts I have read go over interesting vulnerabilities and exploits but do not typically share the process behind discovery. I want to show how sometimes just manually poking around can quickly uncover vulnerabilities you might miss with other…
Mining Google Chrome CVE data https://clearbluejar.github.io/posts/mining-google-chrome-cve-data/
clearbluejar
Mining Google Chrome CVE data
The Google Chrome Releases blog provides CVE data one liners containing all the information needed to create a rich CVE data source. Google Chrome CVEs are plentiful and provide information for understanding Google Chrome security trends. Using the information…
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x. https://github.com/ergrelet/unlicense
GitHub
GitHub - ergrelet/unlicense: Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I https://www.inversecos.com/2022/06/how-to-reverse-engineer-and-patch-ios.html
Inversecos
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I
Functional Programming in Lean https://leanprover.github.io/functional_programming_in_lean/#functional-programming-in-lean