NIST Drafts Major Update to Its Widely Used Cybersecurity Framework https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework
NIST
NIST Drafts Major Update to Its Widely Used Cybersecurity Framework
NIST has revised the framework to help benefit all sectors, not just critical infrastructure.
Analysis and Exploitation of CVE-2023-3519 https://bishopfox.com/blog/analysis-exploitation-cve-2023-3519
Bishop Fox
Analysis and Exploitation of CVE-2023-3519
Bishop Fox provides additional analysis and exploitation of CVE-2023-3519, a critical remote code execution vulnerability in Citrix ADC. Learn more here!
YAMA-Yet Another Memory Analyzer for malware detection https://blogs.jpcert.or.jp/en/2023/08/yama.html
JPCERT/CC Eyes
YAMA-Yet Another Memory Analyzer for malware detection - JPCERT/CC Eyes
As attacks become more fileless and malware gets more obfuscated, it is getting more difficult to determine whether there is a malicious intent from a file by itself. For this reason, malware detection methods that utilize sandboxes and AI, as...
Cobalt Strike Process Inject Kit https://offensivedefence.co.uk/posts/cs-process-inject-kit/
offensivedefence.co.uk
Cobalt Strike Process Inject Kit
Introduction I was scrolling through one of the social media dumpster fires the other day and whizzed past a post that caught my attention. The post itself was not particularly novel - it was a process injection technique implemented as a Cobalt Strike Beacon…
New Statc Stealer Malware Emerges: Your Sensitive Data at Risk https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html
Lexmark Command Injection Vulnerability ZDI-CAN-19470 Pwn2Own Toronto 2022 https://www.horizon3.ai/lexmark-command-injection-vulnerability-zdi-can-19470-pwn2own-toronto-2022/
A Pain in the NAS: Exploiting Cloud Connectivity to PWN your NAS: WD PR4100 Edition https://claroty.com/team82/research/a-pain-in-the-nas-exploiting-cloud-connectivity-to-pwn-your-nas-wd-pr4100-edition
Claroty
Exploiting Cloud Connectivity to PWN your NAS: WD PR4100
Claroty unveils a unique attack technique that could allow an attacker to impersonate Western Digital (WD) network-attached storage (NAS) devices. Learn more.
orbi hunting 0x1: crashes in soap-api https://blog.coffinsec.com/research/2022/06/19/orbi-hunting-1-soap-api-crashes.html
hyprblog
orbi hunting 0x1: crashes in soap-api
a walkthrough of my experience finding a buffer overflow, discovering a null pointer deref along the way, and eventually figuring out the bug wasn’t (easily) exploitable.
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874 https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/
CrowdStrike.com
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
The Falcon Complete MDR team discovered and blocked a zero-day exploit (CVE-2023-36874) affecting Windows Error Reporting. Learn more about the discovery and response!
nday exploit: netgear orbi unauthenticated command injection (cve-2020-27861) https://blog.coffinsec.com/research/2022/07/02/orbi-nday-exploit-cve-2020-27861.html
hyprblog
nday exploit: netgear orbi unauthenticated command injection (CVE-2020-27861)
rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi wifi systems that was reported and patched last year.
AntiFuzz: Impeding Fuzzing Audits of Binary Executables https://www.usenix.org/conference/usenixsecurity19/presentation/guler
DLL Notification Injection https://shorsec.io/blog/dll-notification-injection/
Introduction to encryption for embedded Linux developers https://sergioprado.blog/introduction-to-encryption-for-embedded-linux-developers/
sergioprado.blog
Introduction to encryption for embedded Linux developers
This article is an introduction to encryption for embedded Linux developers.
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) https://securityaffairs.com/149487/hacking/zooms-zero-touch-provisioning-flaws.html
Security Affairs
Experts found multiple flaws in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP)
Multiple flaws in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) can expose them to several attacks.
Creating Fully Undetectable JavaScript Payloads to Evade Next-Generation Firewalls https://elliotonsecurity.com/creating-fully-undetectable-javscript-payloads-to-evade-next-generation-firewalls/
Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+ https://volatility-labs.blogspot.com/2023/08/memory-forensics-r-d-illustrated-recovering-raw-sockets0-on-windows-10.html
Blogspot
Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+
As mentioned in a recent blog post, our team is once again offering in-person training, and we have substantially updated our course for t...
Asymmetric-Key Encryption and Digital Signatures in Practice https://sergioprado.blog/asymmetric-key-encryption-and-digital-signatures-in-practice/
sergioprado.blog
Asymmetric-Key Encryption and Digital Signatures in Practice
In this article, we will learn how asymmetric-key encryption and digital signatures work from a practical perspective.
Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-3-arm-edition
Cyberark
Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition
Introduction In this blog, we will discuss innovative rootkit techniques on a non-traditional architecture, Windows 11 on ARM64. In the prior posts, we covered rootkit techniques applied to a...