Debugging Win32 binaries in Ghidra via Wine https://john-millikin.com/debugging-win32-binaries-in-ghidra-via-wine
John Millikin
QBOT Malware Analysis https://www.elastic.co/security-labs/qbot-malware-analysis
www.elastic.co
Elastic Security Labs releases a QBOT malware analysis report covering the execution chain. From this research, the team has produced a YARA rule, a configuration extractor, and indicators of compromise (IOCs).
From the last DEF CON, an interesting talk » Exploitation in the era of formal verification - a peek at a new frontier with AdaCore/SPARK https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/Adam%20Zabrocki%20%20%20Alex%20Tereshkin%20-%20Exploitation%20in%20the%20era%20of%20formal%20verification%20a%20peek%20at%20a%20new%20frontier%20with%20AdaCore-SPARK.pdf
Uncovering a ChromeOS remote memory corruption vulnerability https://www.microsoft.com/security/blog/2022/08/19/uncovering-a-chromeos-remote-memory-corruption-vulnerability/
Microsoft News
Microsoft discovered a memory corruption vulnerability in a ChromeOS component that could have been triggered remotely, allowing attackers to perform either a denial-of-service (DoS) or, in extreme cases, remote code execution (RCE).
YaraNG: Reinventing the YARA Scanner https://engineering.avast.io/yarang-reinventing-the-yara-scanner/
Good summary of infosec newsletters » Awesome Cyber Security Newsletters https://github.com/TalEliyahu/awesome-security-newsletters
GitHub
Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attac...
Linux Kernel Exploit (CVE-2022-32250) with mqueue https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/
Theori BLOG
A technical analysis of Pegasus for Android – Part 1 https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-1/
SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/
Nccgroup
Attacking Titan M with Only One Byte https://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html
Quarkslab
Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip.
Anatomy of an exploit in Windows win32k – CVE-2022-21882 https://www.avira.com/en/blog/anatomy-of-an-exploit-in-windows-win32k-cve-2022-21882
Avira Blog
CVE-2022-21882: A new manipulation technique of window objects in kernel memory that leads to privilege escalation
Windows Kernel Introspection (WKI) https://amonsec.net/posts/2022/09/0000000d/
amonsec.net
Over the last few years that I spent learning more and more about Microsoft Windows, it has been…
Reviewing macOS Unified Logs https://www.mandiant.com/resources/blog/reviewing-macos-unified-logs
Mandiant
macOS Unified Logs | Challenges Related to the Unified Logs
Reviewing macOS Unified Logs. We cover an overview of macOS Unified Logs and the challenges presented in using them during an investigation.
Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection https://www.sentinelone.com/labs/crimeware-trends-ransomware-developers-turn-to-intermittent-encryption-to-evade-detection/
SentinelOne
Partially encrypting victims' files improves ransomware speed and aids evasion. First seen in LockFile, the technique is now being widely adopted.
Profiling DEV-0270: PHOSPHORUS’ ransomware operations https://www.microsoft.com/security/blog/2022/09/07/profiling-dev-0270-phosphorus-ransomware-operations/
Microsoft News
Microsoft threat intelligence teams have been tracking multiple ransomware campaigns tied to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS.
Fun with Windows Containers - Popping Calc https://raesene.github.io/blog/2022/09/03/Fun-With-Windows-Containers-Popping-Calc/
raesene.github.io
Exploiting Intel Graphics Kernel Extensions on macOS https://blog.ret2.io/2022/06/29/pwn2own-2021-safari-sandbox-intel-graphics-exploit/
RET2 Systems Blog
To escape the Safari sandbox for our Pwn2Own 2021 submission, we exploited a vulnerability in the Intel graphics acceleration kernel extensions (drivers) on ...
SSD Advisory – Linux CONFIG_WATCH_QUEUE LPE https://ssd-disclosure.com/ssd-advisory-linux-config_watch_queue-lpe/?hello-lanjelot
SSD Secure Disclosure
A vulnerability in the way Linux handles the CONFIG_WATCH_QUEUE allows local attackers to reach a race condition and use this to elevate their privileges to root.
Nice notes on this topic » SAT/SMT by Example (by Dennis Yurichev) https://sat-smt.codes/SAT_SMT_by_example.pdf
Fork Bomb for Flutter https://swarm.ptsecurity.com/fork-bomb-for-flutter/
PT SWARM
Flutter applications can be found in security analysis projects or bugbounty programs. Most often, such assets are simply overlooked due to the lack of methodologies and ways to reverse engineer them. I decided not to skip this anymore and developed the reFlutter…