Malvertisers up their game against researchers https://www.malwarebytes.com/blog/threat-intelligence/2023/08/malvertisers-up-the-game-against-researchers
Malwarebytes
Malvertisers up their game against researchers
Threat actors constantly take notice of the work and takedown efforts initiated by security researchers. In this constant game of cat and...
Exploiting the HP Printer without the printer (Pwn2Own 2022) https://www.interruptlabs.co.uk/articles/pwn2own-2022-hp-printer
www.interruptlabs.co.uk
Exploiting the HP Printer without the printer (Pwn2Own 2022)
Interrupt Labs exploited the HP Color LaserJet Pro M479fdw printer successfully in Pwn2Own Toronto 2022. This blog post describes the technical details of the vulnerability, and how we developed the exploit before we received the physical device.
Linux Kernel Exploit (CVE-2022-32250) with mqueue https://blog.theori.io/linux-kernel-exploit-cve-2022-32250-with-mqueue-a8468f32aab5
Medium
Linux Kernel Exploit (CVE-2022-32250) with mqueue
Background
Traders' Dollars in Danger: CVE-2023-38831 zero-Day vulnerability in WinRAR exploited by cybercriminals to target traders https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
Group-IB
Traders' dollars in danger: CVE-2023-38831 zero-day vulnerability in WinRAR exploited by cybercriminals to target traders
Spoof extensions help cybercriminals target users on trading forums as 130 devices still infected at time of writing.
Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners https://arxiv.org/abs/2308.07057
arXiv.org
Understanding Hackers' Work: An Empirical Study of Offensive...
Offensive security-tests are a common way to pro-actively discover potential vulnerabilities. They are performed by specialists, often called penetration-testers or white-hat hackers. The chronic...
A Deep Dive into Penetration Testing of macOS Applications (Part 2) https://www.cyberark.com/resources/threat-research-blog/a-deep-dive-into-penetration-testing-of-macos-applications-part-2
Cyberark
A Deep Dive into Penetration Testing of macOS Applications (Part 2)
This is the second part of the “A Deep Dive into Penetration Testing of macOS Application” blog series. In the first part, we learned about macOS applications and their structure and...
Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive https://www.horizon3.ai/ivanti-sentry-authentication-bypass-cve-2023-38035-deep-dive/
Bypassing Bitlocker using a cheap logic analyzer on a Lenovo laptop https://www.errno.fr/BypassingBitlocker
Playing Dominos with Moodle's Security (1/2) https://www.sonarsource.com/blog/playing-dominos-with-moodles-security-1/
Sonarsource
Playing Dominos with Moodle's Security (1/2)
Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs.
CVE-2023-36844 And Friends: RCE In Juniper Devices https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/
watchTowr Labs
CVE-2023-36844 And Friends: RCE In Juniper Devices
As part of our Continuous Automated Red Teaming and Attack Surface Management technology - the watchTowr Platform - we're incredibly proud of our ability to discover nested, exploitable vulnerabilities across huge attack surfaces.
Through our rapid PoC process…
CVE-2020-19909 is everything that is wrong with CVEs https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/
daniel.haxx.se
CVE-2020-19909 is everything that is wrong with CVEs
This is a story consisting of several little building blocks and they occurred spread out in time and in different places. It is a story that shows with clarity how our current system with CVE Ids and lots of power given to NVD is a completely broken system.…
Leaked LockBit 3.0 ransomware builder used by multiple threat actors https://securityaffairs.com/149941/hacking/lockbit-3-leaked-code-usage.html
Security Affairs
Leaked LockBit 3.0 ransomware builder used by multiple threat actors
The leak of the source code of the LockBit 3.0 ransomware builder in 2022 allowed threat actors to create new variants of the threat
HTML Smuggling Leads to Domain Wide Ransomware https://thedfirreport.com/2023/08/28/html-smuggling-leads-to-domain-wide-ransomware/
The DFIR Report
HTML Smuggling Leads to Domain Wide Ransomware
We’ve previously reported on a Nokoyawa ransomware case in which the initial access was via an Excel macro and IcedID malware. This case, which also ended in Nokoyawa Ransomware, involved the…
Grave flaws in BGP Error handling https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
blog.benjojo.co.uk
Grave flaws in BGP Error handling
Kinsing Malware Exploits Novel Openfire Vulnerability https://blog.aquasec.com/kinsing-malware-exploits-novel-openfire-vulnerability
Aqua
Kinsing Malware Exploits Novel Openfire Vulnerability
A new attack exploits the novel Openfire vulnerability (CVE-2023-32315) to deploy Kinsing malware and crypto miners to gain full control over the server.
Getting into AWS cloud security research as a n00bcake https://dagrz.com/writing/aws-security/getting-into-aws-security-research/
NosyMonkey: API hooking and code injection made easy! https://www.anvilsecure.com/blog/nosymonkey.html
Anvil Secure
NosyMonkey: API hooking and code injection made easy! - Anvil Secure
As a researcher I often run into situations in which I need to make a compiled binary do things that it wouldn’t normally do or change the way it works in some way. Of course, if one…
Lateral movement: A conceptual overview https://diablohorn.com/2023/08/22/lateral-movement-a-conceptual-overview/
DiabloHorn
Lateral movement: A conceptual overview
I’ve often been in the situation of explaining lateral movement to people who do not work in the offensive security field on a daily basis or have a different level of technical understanding…
A Deep Dive into Brute Ratel C4 payloads https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads/
Introducing Session Hijacking Visual Exploitation (SHVE): An Innovative Open-Source Tool for XSS Exploitation https://blog.doyensec.com/2023/08/31/introducing-session-hijacking-visual-exploitation.html
Doyensec
Introducing Session Hijacking Visual Exploitation (SHVE): An Innovative Open-Source Tool for XSS Exploitation
Greetings, folks! Today, we’re thrilled to introduce you to our latest tool: Session Hijacking Visual Exploitation, or SHVE. This open-source tool, now available on our GitHub, offers a novel way to hijack a victim’s browser sessions, utilizing them as a…