Exploiting ASP.NET TemplateParser — Part I: Sitecore (CVE-2023-35813) https://code-white.com/blog/exploiting-asp.net-templateparser-part-1/
Code-White
The `TemplateParser` is fundamental in ASP.NET Web Forms. It is used for parsing different ASP.NET source files such as `*.aspx` and for parsing other input from various sources, including user-provided data.
In this two-part series we will take a deep look…
A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client https://www.vicarius.io/vsociety/posts/a-tale-about-a-red-team-exercise-and-the-forcepoint-endpoint-one-dlp-client-1
CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability https://github.com/Chocapikk/CVE-2023-29357/tree/main
GitHub
Legitimate exfiltration tools : summary and detection for incident response and threat hunting https://www.synacktiv.com/publications/legitimate-exfiltration-tools-summary-and-detection-for-incident-response-and-threat.html
Synacktiv
Credit card thieves target Booking.com customers https://www.malwarebytes.com/blog/news/2023/09/credit-card-thieves-target-bookingcom-customers
Malwarebytes
A very clever and complex phishing campaign uses organizations in the hospitality industry to get customers' credit card information.
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html
CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/
Hacktivesecurity
Hacktive Security - Advanced Cyber Security Services
Getting RCE in Chrome with incorrect side effect in the JIT compiler https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
The GitHub Blog
In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
LDAP Queries for Offensive and Defensive Operations https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations
Polito, Inc.
The intention of this post is to provide basic queries for targeted AD DS information gathering used in penetration testing. The reader can
Automating the Discovery of NTLM Authentication Endpoints https://www.praetorian.com/blog/automating-the-discovery-of-ntlm-authentication-endpoints/
Praetorian
Recently, I have been working on adding support for automated enumeration and discovery of NTLM authentication endpoints to Chariot, our external attack surface and continuous automated red teaming product. Our red team requested this feature as a way to…
Google assigns new maximum rated CVE to libwebp bug exploited in attacks https://www.bleepingcomputer.com/news/security/google-assigns-new-maximum-rated-cve-to-libwebp-bug-exploited-in-attacks/
BleepingComputer
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago.
Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2) https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/
DirtyCred Remastered: how to turn an UAF into Privilege Escalation https://exploiter.dev/blog/2022/CVE-2022-2602.html
LukeGix
Malicious npm Packages Strike Again: Exfiltrating Kubernetes Configurations and SSH Keys https://www.cyber-oracle.com/p/malicious-npm-packages-strike-again
Cyber-Oracle
Plus, Signal Fortifies Its Encryption: PQXDH Protocol Upgrade Bolsters Quantum Resistance
Reports about Cyber Actors Hiding in Router Firmware https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csa-cyber-report-sept-2023
Cisco
On September 27, 2023, the U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident…
Input Validation: Necessary but Not Sufficient; It Doesn't Target the Fundamental Issue https://discuss.secdim.com/t/input-validation-necessary-but-not-sufficient-it-doesnt-target-the-fundamental-issue/1172
Discuss
I have reviewed several solutions for our fix-the-flag contests, contributed by seasoned developers and prominent CTF players. What has been the most commonly adopted approach to address security vulnerabilities? The answer is Input Validation. This doesn’t…
Meterpreter vs Modern EDR(s) https://redops.at/en/blog/meterpreter-vs-modern-edrs-in-2023
RedOps - English
Escaping the Google kCTF Container with a Data-Only Exploit https://h0mbre.github.io/kCTF_Data_Only_Exploit/#
The Human Machine Interface
Introduction: I’ve been doing some Linux kernel exploit development/study and vulnerability research off and on since last Fall and a few months ago I had some downtime on vacation to sit and challenge myself to write my first data-only exploit for a real…
Abusing undocumented features to spoof PE section headers https://secret.club/2023/06/05/spoof-pe-sections.html
secret club
Introduction: Some time ago, I accidentally came across some interesting behaviour in PE files while debugging an unrelated project. I noticed that setting the SectionAlignment value in the NT header to a value lower than the page size (4096) resulted in significant…