Notes on OpenSSL remote memory corruption https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
Guido Vranken
Notes on OpenSSL remote memory corruption
OpenSSL version 3.0.4, released on June 21th 2022, is susceptible to remote memory corruption which can be triggered trivially by an attacker. BoringSSL, LibreSSL and the OpenSSL 1.1.1 branch are n…
A Begginers All Inclusive Guide to ETW
https://bmcder.com/blog/a-begginers-all-inclusive-guide-to-etw
https://bmcder.com/blog/a-begginers-all-inclusive-guide-to-etw
nice post » A Syscall Journey in the Windows Kernel https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/
Exploiting Intel Graphics Kernel Extensions on macOS: A Pwn2Own 2021 Apple Safari Sandbox Escape https://blog.ret2.io/2022/06/29/pwn2own-2021-safari-sandbox-intel-graphics-exploit/
RET2 Systems Blog
Exploiting Intel Graphics Kernel Extensions on macOS
To escape the Safari sandbox for our Pwn2Own 2021 submission, we exploited a vulnerability in the Intel graphics acceleration kernel extensions (drivers) on ...
2022 0-day In-the-Wild Exploitation…so far https://googleprojectzero.blogspot.com/2022/06/2022-0-day-in-wild-exploitationso-far.html
Blogspot
2022 0-day In-the-Wild Exploitation…so far
Posted by Maddie Stone, Google Project Zero This blog post is an overview of a talk, “ 0-day In-the-Wild Exploitation in 2022…so far”,...
Vulpes: Obfuscating Memory Regions with Timers https://mez0.cc/posts/vulpes-obfuscating-memory-regions/
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus https://www.horizon3.ai/red-team-blog-cve-2022-28219/
Horizon3.ai
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus
CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory.
It’s Been Zero Days Since BIND9 Crashed https://spidersilk.com/news/Its-Been-Zero-Days-Since-BIND9-Crashed
Understanding the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190 https://cymulate.com/blog/cve-2022-30190-2/
Cymulate
Messing with CVE-2022-30190 by Understanding Compound File Binary Format and OLE Structures
Gain an understanding of the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190 in this blog post by Cymulate.
Nice introduction to the unpacking topic » "Unpacking binary 101" https://sam0x90.blog/2020/06/06/unpacking-binary-101/
Sam0x90 blog
Unpacking binary 101
This is a quick blog post about how to unpack your first binary, hope you’ll learn something :) I tried to make this article not too long so the techniques covered are fairly basics, but this…
Talk of last #Troopers22 "macOS vulnerabilities hiding in plain sight" https://troopers.de/troopers22/talks/dmeuyd/ https://www.slideshare.net/CsabaFitzl/macos-vulnerabilities-hiding-in-plain-sight
troopers.de
macOS vulnerabilities hiding in plain sight
TROOPERS is more than just an infoSec con. Hands-on, high-end knowledge sharing leaves you motivated and charged to
Debugging Stop 0xA5 – CRITICAL_SERVICE_FAILED https://bsodtutorials.wordpress.com/2022/07/01/debugging-stop-0xa5-critical_service_failed/
Machines Can Think
Debugging Stop 0xA5 – CRITICAL_SERVICE_FAILED
CRITICAL_SERVICE_FAILED (5a) Arguments: Arg1: 0000000000000001 Arg2: ffff9306a338e8e0 Arg3: ffff8007674475a0 Arg4: ffffffffc0000103 Again, another rare and undocumented bugcheck, there is no parame…
Using process creation properties to catch evasion techniques https://www.microsoft.com/security/blog/2022/06/30/using-process-creation-properties-to-catch-evasion-techniques/
Microsoft News
Using process creation properties to catch evasion techniques
We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques include process doppelganging…
Amazon Confirmed and Fixed a High Severity Vulnerability of Broken Authentication in Amazon Photos Android App
https://checkmarx.com/blog/amazon-confirmed-and-fixed-a-high-severity-vulnerability-of-broken-authentication-in-amazon-photos-android-app/#MobileSecurity
https://checkmarx.com/blog/amazon-confirmed-and-fixed-a-high-severity-vulnerability-of-broken-authentication-in-amazon-photos-android-app/#MobileSecurity
Checkmarx.com
Amazon Confirmed and Fixed a High Severity Vulnerability of Broken Authentication in Amazon Photos Android App
Our research team at Checkmarx found that the Amazon Photos Android app could have allowed a malicious application, installed on the user’s phone, to steal their Amazon access token. The Android app has over 50 million downloads.
Hacking my Tesla Model 3 - Security Overview https://fn.lc/post/tesla-model-3/
nday exploit: netgear orbi unauthenticated command injection (cve-2020-27861) https://blog.coffinsec.com//research/2022/07/02/orbi-nday-exploit-cve-2020-27861.html
hyprblog
nday exploit: netgear orbi unauthenticated command injection (CVE-2020-27861)
rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi wifi systems that was reported and patched last year.
Reversing of malware network protocols with angr https://www.securityartwork.es/2018/04/09/reversing-of-malware-network-protocols-with-angr/
Security Art Work
‘Reversing’ of malware network protocols with ‘angr’ - Security Art Work
One of the most difficult objectives to obtain in the analysis of a malicious binary is usually discovering all of the functionalities that it has. If in addition, these functions are only executed at the discretion of the attackers through its control center…
Toll fraud malware: How an Android application can drain your wallet https://www.microsoft.com/security/blog/2022/06/30/toll-fraud-malware-how-an-android-application-can-drain-your-wallet/
Microsoft News
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.
Flubot: the evolution of a notorious Android Banking Malware https://blog.fox-it.com/2022/06/29/flubot-the-evolution-of-a-notorious-android-banking-malware/
Fox-IT International blog
Flubot: the evolution of a notorious Android Banking Malware
Authored by Alberto Segura (main author) and Rolf Govers (co-author) Summary Flubot is an Android based malware that has been distributed in the past 1.5 years inEurope, Asia and Oceania affecting …