Konni Has Entered the Game: Exploiting WinRAR Vulnerability for Cyber Attacks https://deform.co/konni-has-entered-the-game-exploiting-winrar-vulnerability-for-cyber-attacks/
Deform
Konni Has Entered the Game: Exploiting WinRAR Vulnerability for Cyber Attacks - Deform
Groups of North Korean origin have long chosen the cryptocurrency sector as one of their targets, and until now, the main threat has come from the Lazarus
A Big Look at Security in OpenAPI https://blog.liblab.com/a-big-look-at-security-in-openapi/
Liblab
OpenAPI Security: Five types & best practices | Generate SDKs for your API with liblab
Explore OpenAPI security best practices. Learn the key methods and how they're implemented. See how liblab enhances SDK creation.
Tickling ksmbd: fuzzing SMB in the Linux kernel https://pwning.tech/ksmbd-syzkaller/
Pwning Tech
Following the adventure of manually discovering network-based vulnerabilities in the Linux kernel, I'm adding ksmbd-fuzzing functionality to the already extensive kernel-fuzzing tool that is Syzkaller.
Fileless Remote Code Execution on Juniper Firewalls https://vulncheck.com/blog/juniper-cve-2023-36845
Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2023-38346) https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/
Pentagrid AG
CVE-2023-38346 is a directory traversal vulnerability in Wind River's tarExtract function in VxWorks discovered by Pentagrid during a penetration test and source code review.
How To Rotate, an open-source collection of API Key Rotation tutorials https://howtorotate.com/docs/introduction/getting-started/
How to Rotate Leaked API Keys
Getting Started
Welcome to How To Rotate, an open-source collection of API Key Rotation tutorials. Each tutorial provides step-by-step instructions on how to remediate a leaked API key security vulnerability by (1) Generating a new API key, (2) Replacing the compromised…
Remote Code Execution in Tutanota Desktop due to Code Flaw https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/
Sonarsource
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented.
HDF5 - Multiple Memory Corruption Vulnerabilities https://pulsesecurity.co.nz/advisories/hdf5-memory-corruption
Pulse Security
Multiple memory corruption vulnerabilities were discovered in the LibHDF5 library including heap overflow, use-after-free and stack exhaustion.
Rust to Assembly: Understanding the Inner Workings of Rust https://eventhelix.com/rust/
Eventhelix
Understand the assembly code generated for various Rust concepts like enums, match, self-passing, arrays, option, and smart pointers. Learn how the Rust language is translated to assembly and how the compiler optimizes the code. Also, discover the performance…
Finnish Authorities Have Shut Down the Darknet Drug Market PIILOPUOTI https://deform.co/finnish-authorities-have-shut-down-the-darknet-drug-market-piilopuoti/
Deform
Finnish Authorities Have Shut Down the Darknet Drug Market PIILOPUOTI - Deform
Finnish law enforcement authorities have announced the dismantling of PIILOPUOTI, a shady online marketplace that specialized in illegal drug trafficking
It’s a trap: Detecting a cryptominer on a popular website using Group-IB MXDR https://www.group-ib.com/blog/mxdr-cryptominer/
Group-IB
Group-IB analysts discovered and analyzed a cryptojacking campaign on a popular educational resource using Group-IB Managed XDR.
Blocking Visual Studio Code embedded reverse shell before it's too late https://ipfyx.fr/post/visual-studio-code-tunnel/
ipfyx.fr
Visual Studio Code tunnel. Introduction: Since July 2023, Microsoft is offering the perfect reverse shell, embedded inside Visual Studio Code, a widely used …
WTS API Wasteland — (Remote) Token Impersonation In Another Level https://medium.com/@omribaso/wts-api-wasteland-remote-token-impersonation-in-another-level-a23965e8227e
Medium
Whoami?
iRacing Exploit allows attackers to take control of user's computer https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html
Blog
I’ve recently been looking into iRacing, which is an online racing simulation video game.
[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/
STAR Labs
Brief: I may have achieved successful exploitation of a SharePoint target during Pwn2Own Vancouver 2023. While the live demonstration lasted only approximately 30 seconds, it is noteworthy that the process of discovering and crafting the exploit chain consumed…
Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR https://blog.securelayer7.net/analysis-of-cve-2023-38831-zero-day-vulnerability-in-winrar/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE: CVE-2023-38831: A New WinRAR Vulnerability. A remote code execution when the user attempts to view a benign file within a ZIP archive. The issue occurs because a) ZIP archive may include a...
The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847 https://www.vicarius.io/vsociety/posts/the-de-vinci-of-dirtypipe-local-privilege-escalation-cve-2022-0847
www.vicarius.io
The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847 - vsociety