CVE-2023-38146: Arbitrary Code Execution via Windows Themes https://exploits.forsale/themebleed/
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3am-ransomware-lockbit
Attackers resorted to new ransomware after deployment of LockBit was blocked on targeted network.
Reversing a Simple CrackMe with Ghidra Decompiler https://medium.com/@cy1337/reversing-a-simple-crackme-with-ghidra-decompiler-5dd1b1c3c0ba
In this article, I will walk through a simple crackme challenge from the collection of sample files for A Guide to Reversing with Ghidra…
WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets https://github.com/redrays-io/WS_RaceCondition_PoC
Column-Level Encryption 101: What is It, implementation & Benefits https://www.piiano.com/blog/column-level-encryption
Uncursing the ncurses: Memory corruption vulnerabilities found in library https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library/
Attackers could have exploited memory corruption vulnerabilities in the ncurses library to elevate privileges, run code, & other actions.
Any sufficiently advanced uninstaller is indistinguishable from malware https://devblogs.microsoft.com/oldnewthing/20230911-00/?p=108749
The common pattern of trying to delete yourself.
Bypassing UAC with SSPI Datagram Contexts https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
A detailed analysis of the Money Message Ransomware https://resources.securityscorecard.com/research/analysis-money-message-ransomware
Konni Has Entered the Game: Exploiting WinRAR Vulnerability for Cyber Attacks https://deform.co/konni-has-entered-the-game-exploiting-winrar-vulnerability-for-cyber-attacks/
Groups of North Korean origin have long chosen the cryptocurrency sector as one of their targets, and until now, the main threat has come from the Lazarus
A Big Look at Security in OpenAPI https://blog.liblab.com/a-big-look-at-security-in-openapi/
Explore OpenAPI security best practices. Learn the key methods and how they're implemented. See how liblab enhances SDK creation.
Tickling ksmbd: fuzzing SMB in the Linux kernel https://pwning.tech/ksmbd-syzkaller/
Following the adventure of manually discovering network-based vulnerabilities in the Linux kernel, I'm adding ksmbd-fuzzing functionality to the already extensive kernel-fuzzing tool that is Syzkaller.
Fileless Remote Code Execution on Juniper Firewalls https://vulncheck.com/blog/juniper-cve-2023-36845
Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2023-38346) https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/
CVE-2023-38346 is a directory traversal vulnerability in Wind River's tarExtract function in VxWorks discovered by Pentagrid during a penetration test and source code review.