It’s a trap: Detecting a cryptominer on a popular website using Group-IB MXDR https://www.group-ib.com/blog/mxdr-cryptominer/
Group-IB
Group-IB analysts discovered and analyzed a cryptojacking campaign on a popular educational resource using Group-IB Managed XDR.
Blocking Visual Studio Code embedded reverse shell before it's too late https://ipfyx.fr/post/visual-studio-code-tunnel/
ipfyx.fr
Visual Studio Code tunnel. Introduction: since July 2023, Microsoft has been offering the perfect reverse shell, embedded inside Visual Studio Code, a widely used …
WTS API Wasteland — (Remote) Token Impersonation In Another Level https://medium.com/@omribaso/wts-api-wasteland-remote-token-impersonation-in-another-level-a23965e8227e
Medium
iRacing Exploit allows attackers to take control of user's computer https://blog.ss23.geek.nz/2023/09/21/iracing-electron-rce-exploit.html
Blog
I’ve recently been looking into iRacing, which is an online racing simulation video game.
[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023-29357 & CVE-2023-24955) https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/
STAR Labs
Brief I may have achieved successful exploitation of a SharePoint target during Pwn2Own Vancouver 2023. While the live demonstration lasted only approximately 30 seconds, it is noteworthy that the process of discovering and crafting the exploit chain consumed…
Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR https://blog.securelayer7.net/analysis-of-cve-2023-38831-zero-day-vulnerability-in-winrar/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE-2023-38831: a new WinRAR vulnerability. Remote code execution occurs when the user attempts to view a benign file within a ZIP archive. The issue occurs because a) a ZIP archive may include a...
The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847 https://www.vicarius.io/vsociety/posts/the-de-vinci-of-dirtypipe-local-privilege-escalation-cve-2022-0847
www.vicarius.io
GDBleed: Dynamic-Static binary instrumentation framework on top of GDB https://github.com/tin-z/GDBleed
GitHub
Dynamic-Static binary instrumentation framework on top of GDB - tin-z/GDBleed
The bogus CVE problem https://lwn.net/Articles/944209/
CVE-2023-36664: Command injection with Ghostscript PoC + exploit https://www.vicarius.io/vsociety/posts/cve-2023-36664-command-injection-with-ghostscript-poc-exploit
www.vicarius.io
Exploiting ASP.NET TemplateParser — Part I: Sitecore (CVE-2023-35813) https://code-white.com/blog/exploiting-asp.net-templateparser-part-1/
Code-White
The `TemplateParser` is fundamental in ASP.NET Web Forms. It is used for parsing different ASP.NET source files such as `*.aspx` and for parsing other input from various sources, including user provided data.
In this two part series we will take a deep look…
A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client https://www.vicarius.io/vsociety/posts/a-tale-about-a-red-team-exercise-and-the-forcepoint-endpoint-one-dlp-client-1
CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability https://github.com/Chocapikk/CVE-2023-29357/tree/main
GitHub
Microsoft SharePoint Server Elevation of Privilege Vulnerability - Chocapikk/CVE-2023-29357
Legitimate exfiltration tools : summary and detection for incident response and threat hunting https://www.synacktiv.com/publications/legitimate-exfiltration-tools-summary-and-detection-for-incident-response-and-threat.html
Synacktiv
Credit card thieves target Booking.com customers https://www.malwarebytes.com/blog/news/2023/09/credit-card-thieves-target-bookingcom-customers
Malwarebytes
A very clever and complex phishing campaign uses organizations in the hospitality industry to get customers' credit card information.
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html
CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/
Hacktivesecurity
Getting RCE in Chrome with incorrect side effect in the JIT compiler https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
The GitHub Blog
In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
LDAP Queries for Offensive and Defensive Operations https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations
Polito, Inc.
The intention of this post is to provide basic queries for targeted AD DS information gathering used in penetration testing. The reader can
Automating the Discovery of NTLM Authentication Endpoints https://www.praetorian.com/blog/automating-the-discovery-of-ntlm-authentication-endpoints/
Praetorian
Recently, I have been working on adding support for automated enumeration and discovery of NTLM authentication endpoints to Chariot, our external attack surface and continuous automated red teaming product. Our red team requested this feature as a way to…
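The usual way to discover such endpoints (my assumption about the approach; the code below is an added example for this digest, not Praetorian's Chariot code) is to send each candidate URL a request carrying an NTLM Type 1 (NEGOTIATE) token and check whether the 401 reply's WWW-Authenticate header carries a Type 2 (CHALLENGE) token. The TargetInfo block of that challenge also discloses the server's internal NetBIOS and DNS names, which is what makes the enumeration worth automating. Message layouts follow MS-NLMP; `build_sample_type2` is a constructed stand-in for a real server's reply so that the script runs offline.

```python
import base64
import binascii
import struct
from typing import Optional

# NTLMSSP negotiate flags from MS-NLMP (only the ones used here).
NTLMSSP_NEGOTIATE_UNICODE = 0x00000001
NTLMSSP_REQUEST_TARGET = 0x00000004
NTLMSSP_NEGOTIATE_NTLM = 0x00000200
NTLMSSP_NEGOTIATE_ALWAYS_SIGN = 0x00008000
NTLMSSP_NEGOTIATE_TARGET_INFO = 0x00800000

SIGNATURE = b"NTLMSSP\x00"

# AvId values of the TargetInfo AV_PAIR list in a CHALLENGE_MESSAGE.
AV_IDS = {1: "netbios_computer", 2: "netbios_domain",
          3: "dns_computer", 4: "dns_domain", 5: "dns_tree"}


def build_type1() -> str:
    """Base64 NEGOTIATE_MESSAGE to send as 'Authorization: NTLM <token>'."""
    flags = (NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET
             | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
    msg = SIGNATURE + struct.pack("<II", 1, flags)
    # Empty DomainName and Workstation fields; offsets point past the 32-byte header.
    msg += struct.pack("<HHI", 0, 0, 32) * 2
    return base64.b64encode(msg).decode()


def message_type(token: str) -> int:
    """MessageType (1, 2 or 3) of a base64 NTLMSSP token; ValueError otherwise."""
    raw = base64.b64decode(token)
    if len(raw) < 12 or raw[:8] != SIGNATURE:
        raise ValueError("not an NTLMSSP message")
    return struct.unpack_from("<I", raw, 8)[0]


def parse_type2(token: str) -> dict:
    """Parse a CHALLENGE_MESSAGE: target name, flags, challenge, TargetInfo names."""
    if message_type(token) != 2:
        raise ValueError("not an NTLM Type 2 message")
    raw = base64.b64decode(token)
    tn_len, _, tn_off = struct.unpack_from("<HHI", raw, 12)
    flags = struct.unpack_from("<I", raw, 20)[0]
    info = {"target_name": raw[tn_off:tn_off + tn_len].decode("utf-16-le"),
            "flags": flags, "server_challenge": raw[24:32].hex()}
    if flags & NTLMSSP_NEGOTIATE_TARGET_INFO and len(raw) >= 48:
        ti_len, _, ti_off = struct.unpack_from("<HHI", raw, 40)
        pos, end = ti_off, ti_off + ti_len
        while pos + 4 <= end:
            av_id, av_len = struct.unpack_from("<HH", raw, pos)
            pos += 4
            if av_id == 0:  # MsvAvEOL terminates the list
                break
            if av_id in AV_IDS:
                info[AV_IDS[av_id]] = raw[pos:pos + av_len].decode("utf-16-le")
            pos += av_len
    return info


def advertises_ntlm(www_authenticate: list) -> bool:
    """True if any WWW-Authenticate value offers the NTLM or Negotiate scheme."""
    return any(v.strip().split(" ", 1)[0].lower() in ("ntlm", "negotiate")
               for v in www_authenticate)


def extract_ntlm_challenge(www_authenticate: list) -> Optional[dict]:
    """Parsed Type 2 from a 401 reply's WWW-Authenticate values, or None.

    A bare 'NTLM'/'Negotiate' means the scheme is advertised but no challenge
    came back (e.g. the probe sent no Type 1). A Negotiate token that is SPNEGO
    rather than raw NTLMSSP is skipped instead of being mis-parsed.
    """
    for value in www_authenticate:
        scheme, _, token = value.strip().partition(" ")
        if scheme.lower() in ("ntlm", "negotiate") and token:
            try:
                return parse_type2(token.strip())
            except (ValueError, binascii.Error, struct.error, UnicodeDecodeError):
                continue
    return None


def build_sample_type2(target="CORP", netbios_computer="WEB01", netbios_domain="CORP",
                       dns_computer="web01.corp.example", dns_domain="corp.example") -> str:
    """Constructed stand-in for a server's CHALLENGE_MESSAGE (demo input only)."""
    target_b = target.encode("utf-16-le")
    av = b"".join(struct.pack("<HH", i, len(v.encode("utf-16-le"))) + v.encode("utf-16-le")
                  for i, v in ((1, netbios_computer), (2, netbios_domain),
                               (3, dns_computer), (4, dns_domain)))
    av += struct.pack("<HH", 0, 0)  # MsvAvEOL
    flags = (NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET
             | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_TARGET_INFO)
    tn_off = 56  # fixed part including the 8-byte Version field
    ti_off = tn_off + len(target_b)
    msg = (SIGNATURE + struct.pack("<I", 2)
           + struct.pack("<HHI", len(target_b), len(target_b), tn_off)
           + struct.pack("<I", flags)
           + bytes.fromhex("0123456789abcdef")  # ServerChallenge (fixed, constructed)
           + b"\x00" * 8  # Reserved
           + struct.pack("<HHI", len(av), len(av), ti_off)
           + b"\x00" * 8  # Version (zeroed)
           + target_b + av)
    return base64.b64encode(msg).decode()


if __name__ == "__main__":
    print("probe header: Authorization: NTLM " + build_type1())
    print(extract_ntlm_challenge(["Negotiate", "NTLM " + build_sample_type2()]))
```

Against a live target, send `Authorization: NTLM <build_type1()>` to each candidate path (for example the usual Exchange paths such as /ews/ or /autodiscover/, or whatever your crawl has found behind a 401) and feed every WWW-Authenticate value of the reply to `extract_ntlm_challenge`; a result means the endpoint completes an NTLM handshake and is a candidate for password spraying or relay testing, and the leaked names tell you which internal domain it belongs to. `advertises_ntlm` alone is a weaker signal, since a server can advertise Negotiate and then only accept Kerberos.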
Google assigns new maximum rated CVE to libwebp bug exploited in attacks https://www.bleepingcomputer.com/news/security/google-assigns-new-maximum-rated-cve-to-libwebp-bug-exploited-in-attacks/
BleepingComputer
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago.