Scheduled Task Tampering https://labs.withsecure.com/blog/scheduled-task-tampering/
Issue 2272: libxml2: heap-buffer-overflow in xmlBufAdd https://bugs.chromium.org/p/project-zero/issues/detail?id=2272
Access Token Manipulation Part 0x01 https://xret2pwn.github.io/Access-Token-Part0x01/
RET2Pwn
DroidGuard: A Deep Dive into SafetyNet https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Romain Thomas
DroidGuard: A Deep Dive into SafetyNet | Romain Thomas
SafetyNet is the Android component developed by Google to verify the devices' integrity. These checks
are used by the developers to prevent running applications on devices that would not meet security requirements
but it is also used by Google to prevent…
A Deep Dive into iOS Code Signing
https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
Umang's Blog
Apple's code signing is a complex beast, consisting of several different
components, each serving its own unique purpose. When I first started working on
Meteorite
[https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
Volexity
UPDATE: On June 3, 2022, Atlassian updated its security advisory with new information regarding a fix for Confluence Server and Data Center to address CVE-2022-26134. Users are encouraged to update immediately to […]
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LevelBlue
Rapidly evolving IoT malware EnemyBot now targeting Content…
Executive summary: LevelBlue Labs™ has been tracking a new IoT botnet dubbed “EnemyBot”, which is believed to be distributed by threat actor Keksec. During our investigations, LevelBlue Labs has discovered that EnemyBot is expanding its capabilities, exploiting…
New malware Campaign delivers Android RAT
https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
Offensive Windows IPC Internals 1: Named Pipes https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
Is exploiting a null pointer deref for LPE just a pipe dream? https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream
Zero Day Initiative
Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?
A lot of blog posts I have read go over interesting vulnerabilities and exploits but do not typically share the process behind discovery. I want to show how sometimes just manually poking around can quickly uncover vulnerabilities you might miss with other…
Mining Google Chrome CVE data https://clearbluejar.github.io/posts/mining-google-chrome-cve-data/
clearbluejar
The Google Chrome Releases blog provides CVE data one liners containing all the information needed to create a rich CVE data source. Google Chrome CVEs are plentiful and provide information for understanding Google Chrome security trends. Using the information…
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x. https://github.com/ergrelet/unlicense
GitHub
GitHub - ergrelet/unlicense: Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x. - ergrelet/unlicense
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I https://www.inversecos.com/2022/06/how-to-reverse-engineer-and-patch-ios.html
Inversecos
Functional Programming in Lean https://leanprover.github.io/functional_programming_in_lean/#functional-programming-in-lean
Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134 https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/
Lacework
Details regarding the recent Confluence OGNL (CVE-2022-26134) exploit were released to the public on June 3rd 2022. Shortly following this, Lacework Labs began seeing multiple attacks in the wild from both uncategorized and named threats. While this was expected…