PoC Exploit for CVE-2023-27524 in Apache Superset Leads to RCE Released https://securityonline.info/poc-exploit-for-cve-2023-27524-in-apache-superset-leads-to-rce-released/
Cybersecurity News
PoC Exploit for CVE-2023-27524 in Apache Superset Leads to RCE Released
Jakabakos has shed light on the specifics of the CVE-2023-27524 flaw and provided a PoC, accentuating its potential for remote code execution
Unseen Predators: The Growing Threat of Insider Attacks in Cybersecurity https://www.vcyberconsult.com/post/unseen-predators-the-growing-threat-of-insider-attacks-in-cybersecurity-1
Virtual Cybersecurit
Unseen Predators: The Growing Threat of Insider Attacks in Cybersecurity
Explore the growing threat of insider attacks in the realm of cybersecurity. From defining what constitutes an insider threat, its various types, to strategies for mitigating such risks, this comprehensive guide covers all aspects of this pressing issue.…
Malware distributor Storm-0324 facilitates ransomware access https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/
Microsoft News
Malware distributor Storm-0324 facilitates ransomware access
Storm-0324 is a financially motivated group known to gain initial access using email vectors and then hand off access to other threat actors.
From Terminal Output to Arbitrary Remote Code Execution https://blog.solidsnail.com/posts/2023-08-28-iterm2-rce
solid-snail blog
From Terminal Output to Arbitrary Remote Code Execution
It was the year of the Linux desktop 1978. Old yellowed computers were not yet old, nor yellowed. Digital Equipment Corporation released the first popular terminal to support a standardized in-band encoding for control functions, the VT100.
Large-Scale Phishing Attack Targets Zimbra Email Users https://deeplab.com/security/4472-zimbra-email-users-targeted-in-phishing-attack
Deeplab
Zimbra Email Users Targeted in Phishing Attack | Deeplab.com
A global phishing campaign targeting Zimbra email users is raising concerns about cybersecurity vulnerabilities and data breaches
A Guide to Reversing Shared Objects with Ghidra https://medium.com/@cy1337/a-guide-to-reversing-shared-objects-with-ghidra-cec83d5031e6
Medium
A Guide to Reversing Shared Objects with Ghidra
I’m excited to announce that I will be returning this year to the Black Hat USA 2023 conference in Las Vegas. As with previous years’…
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree https://www.paloaltonetworks.com/blog/prisma-cloud/github-actions-worm-dependencies/
Palo Alto Networks Blog
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree
GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.
Vulnerability Analysis with Ghidra Scripting https://medium.com/@cy1337/vulnerability-analysis-with-ghidra-scripting-ccf416cfa56d
Medium
Vulnerability Analysis with Ghidra Scripting
As some of you may have seen, I posted a challenge to use Ghidra to identify a vulnerability in a WarGames themed game. There has been a…
CVE-2023-38146: Arbitrary Code Execution via Windows Themes https://exploits.forsale/themebleed/
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3am-ransomware-lockbit
Security
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack
Attackers resorted to new ransomware after deployment of LockBit was blocked on targeted network.
Reversing a Simple CrackMe with Ghidra Decompiler https://medium.com/@cy1337/reversing-a-simple-crackme-with-ghidra-decompiler-5dd1b1c3c0ba
Medium
Reversing a Simple CrackMe with Ghidra Decompiler
In this article, I will walk through a simple crackme challenge from the collection of sample files for A Guide to Reversing with Ghidra…
WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets https://github.com/redrays-io/WS_RaceCondition_PoC
GitHub
GitHub - redrays-io/WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets
Simple PoC for demonstrating Race Conditions on Websockets - redrays-io/WS_RaceCondition_PoC
Column-Level Encryption 101: What is It, implementation & Benefits https://www.piiano.com/blog/column-level-encryption
MCPTotal
Secure MCP Cloud for Enterprises
MCP Made Easy and secure - Onboard AI tools in a click.
Uncursing the ncurses: Memory corruption vulnerabilities found in library https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library/
Microsoft News
Uncursing the ncurses: Memory corruption vulnerabilities found in library
Attackers could have exploited memory corruption vulnerabilities in the ncurses library to elevate privileges, run code, & other actions.
Any sufficiently advanced uninstaller is indistinguishable from malware https://devblogs.microsoft.com/oldnewthing/20230911-00/?p=108749
Microsoft News
Any sufficiently advanced uninstaller is indistinguishable from malware
The common pattern of trying to delete yourself.
Bypassing UAC with SSPI Datagram Contexts https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
A detailed analysis of the Money Message Ransomware https://resources.securityscorecard.com/research/analysis-money-message-ransomware
Security Scorecard
[White Paper] A Detailed Analysis of The Money Message Ransomware