orbi hunting 0x1: crashes in soap-api https://blog.coffinsec.com/research/2022/06/19/orbi-hunting-1-soap-api-crashes.html
hyprblog
orbi hunting 0x1: crashes in soap-api
a walkthrough of my experience finding a buffer overflow, discovering a null pointer deref along the way, and eventually figuring out the bug wasn’t (easily) exploitable.
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874 https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/
CrowdStrike.com
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
The Falcon Complete MDR team discovered and blocked a zero-day exploit (CVE-2023-36874) affecting Windows Error Reporting. Learn more about the discovery and response!
nday exploit: netgear orbi unauthenticated command injection (cve-2020-27861) https://blog.coffinsec.com/research/2022/07/02/orbi-nday-exploit-cve-2020-27861.html
hyprblog
nday exploit: netgear orbi unauthenticated command injection (CVE-2020-27861)
rediscovering and developing a weaponized exploit for a command injection vulnerability in Orbi wifi systems that was reported and patched last year.
AntiFuzz: Impeding Fuzzing Audits of Binary Executables https://www.usenix.org/conference/usenixsecurity19/presentation/guler
DLL Notification Injection https://shorsec.io/blog/dll-notification-injection/
Introduction to encryption for embedded Linux developers https://sergioprado.blog/introduction-to-encryption-for-embedded-linux-developers/
sergioprado.blog
Introduction to encryption for embedded Linux developers
This article is an introduction to encryption for embedded Linux developers.
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) https://securityaffairs.com/149487/hacking/zooms-zero-touch-provisioning-flaws.html
Security Affairs
Experts found multiple flaws in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP)
Multiple flaws in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) can expose users to several attacks.
Creating Fully Undetectable JavaScript Payloads to Evade Next-Generation Firewalls https://elliotonsecurity.com/creating-fully-undetectable-javscript-payloads-to-evade-next-generation-firewalls/
Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+ https://volatility-labs.blogspot.com/2023/08/memory-forensics-r-d-illustrated-recovering-raw-sockets0-on-windows-10.html
Blogspot
Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+
As mentioned in a recent blog post, our team is once again offering in-person training, and we have substantially updated our course for t...
Asymmetric-Key Encryption and Digital Signatures in Practice https://sergioprado.blog/asymmetric-key-encryption-and-digital-signatures-in-practice/
sergioprado.blog
Asymmetric-Key Encryption and Digital Signatures in Practice
In this article, we will learn how asymmetric-key encryption and digital signatures work from a practical perspective.
Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-3-arm-edition
Cyberark
Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition
Introduction In this blog, we will discuss innovative rootkit techniques on a non-traditional architecture, Windows 11 on ARM64. In the prior posts, we covered rootkit techniques applied to a...
Malvertisers up their game against researchers https://www.malwarebytes.com/blog/threat-intelligence/2023/08/malvertisers-up-the-game-against-researchers
Malwarebytes
Malvertisers up their game against researchers
Threat actors constantly take notice of the work and takedown efforts initiated by security researchers. In this constant game of cat and...
Exploiting the HP Printer without the printer (Pwn2Own 2022) https://www.interruptlabs.co.uk/articles/pwn2own-2022-hp-printer
www.interruptlabs.co.uk
Exploiting the HP Printer without the printer (Pwn2Own 2022)
Interrupt Labs exploited the HP Color LaserJet Pro M479fdw printer successfully in Pwn2Own Toronto 2022. This blog post describes the technical details of the vulnerability, and how we developed the exploit before we received the physical device.
Linux Kernel Exploit (CVE-2022–32250) with mqueue https://blog.theori.io/linux-kernel-exploit-cve-2022-32250-with-mqueue-a8468f32aab5
Medium
Linux Kernel Exploit (CVE-2022–32250) with mqueue
Background
Traders' Dollars in Danger: CVE-2023-38831 zero-day vulnerability in WinRAR exploited by cybercriminals to target traders https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
Group-IB
Traders' dollars in danger: CVE-2023-38831 zero-day vulnerability in WinRAR exploited by cybercriminals to target traders
Spoof extensions help cybercriminals target users on trading forums as 130 devices still infected at time of writing.
Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners https://arxiv.org/abs/2308.07057
arXiv.org
Understanding Hackers' Work: An Empirical Study of Offensive...
Offensive security-tests are a common way to pro-actively discover potential vulnerabilities. They are performed by specialists, often called penetration-testers or white-hat hackers. The chronic...
A Deep Dive into Penetration Testing of macOS Applications (Part 2) https://www.cyberark.com/resources/threat-research-blog/a-deep-dive-into-penetration-testing-of-macos-applications-part-2
Cyberark
A Deep Dive into Penetration Testing of macOS Applications (Part 2)
Introduction This is the second part of the “A Deep Dive into Penetration Testing of macOS Application” blog series. In the first part, we learned about macOS applications and their structure and...
Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive https://www.horizon3.ai/ivanti-sentry-authentication-bypass-cve-2023-38035-deep-dive/
Bypassing Bitlocker using a cheap logic analyzer on a Lenovo laptop https://www.errno.fr/BypassingBitlocker