Uninitialized Memory Disclosures in Web Applications https://blog.silentsignal.eu/2020/04/20/uninitialized-memory-disclosures-in-web-applications/
The seventh way to call a JavaScript function without parentheses https://portswigger.net/research/the-seventh-way-to-call-a-javascript-function-without-parentheses
I thought I knew all the ways to call functions without parentheses: alert`1337` throw onerror=alert,1337 Function`x${'alert\x281337\x29'}x``` 'alert\x281337\x29'instanceof{[Symbol['hasInstance']]:eva
WriteProcessMemoryAPC - Write memory to a remote process using APC calls https://www.x86matthew.com/view_post?id=writeprocessmemory_apc
The Anatomy of a Malicious Package https://blog.phylum.io/malicious-javascript-code-in-npm-malware
Dead or Alive? An Emotet Story https://thedfirreport.com/2022/09/12/dead-or-alive-an-emotet-story/
In this intrusion from May 2022, we observed a domain-wide compromise that started from a malware-ridden Excel document containing the never-dying malware, Emotet. The post-exploitation started very soon after the initial compromise. The threat actors began…
memOptix: A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework https://github.com/blueteam0ps/memOptix/
Attacking the Android kernel using the Qualcomm TrustZone https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone
In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.
Caching the Un-cacheables - Abusing URL Parser Confusions (Web Cache Poisoning Technique) https://nokline.github.io/bugbounty/2022/09/02/Glassdoor-Cache-Poisoning.html
Traces of Windows remote command execution https://www.synacktiv.com/publications/traces-of-windows-remote-command-execution.html
Implementing a Zero Trust strategy after compromise recovery https://www.microsoft.com/security/blog/2022/09/14/implementing-a-zero-trust-strategy-after-compromise-recovery/
After a compromise recovery, we follow a plan for moving forward to get up-to-date with security posture all over the environment.
Malicious OAuth applications abuse cloud email services to spread spam https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities https://onekey.com/blog/security-advisory-netgear-routers-funjsq-vulnerabilities/
Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems.
AST Injection, Prototype Pollution to RCE https://blog.p6.is/AST-Injection/
Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
Interesting paper from ACM CCS'22: "Jit-Picking: Differential Fuzzing of JavaScript Engines" https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf
Jumping NAT to Shut Down Electric Devices https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices
Bypassing NAT to Attack Dataprobe iBoot-PDUs
Team82 discloses details on vulnerabilities in Dataprobe iBoot-PDUs that expose power distribution units to remote code execution.
Giving JuicyPotato a second chance: JuicyPotatoNG https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
Well, it’s been a long time since our beloved JuicyPotato was published. In the meantime things changed and got fixed (backported also to Win10 1803/Server2016), leading to the glorious end …