Best Practices for Writing Quality Vulnerability Reports https://itnext.io/best-practices-for-writing-quality-vulnerability-reports-119882422a27
Medium
Best Practices for Writing Quality Vulnerability Reports
How to write great vulnerability reports? If you’re a security consultant, penetration tester or a bug bounty hunter these tips are for…
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg https://blog.exodusintel.com/2022/12/19/linux-kernel-exploiting-a-netfilter-use-after-free-in-kmalloc-cg/
Exodus Intelligence
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg - Exodus Intelligence
By Sergi Martinez Overview It’s been a while since our last technical blogpost, so here’s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache…
Revisiting an Old Bug: File Upload to Code Execution https://www.securifera.com/blog/2023/10/25/cve-2021-27198/
Securifera
CVE-2021-27198
This article is in no way affiliated, sponsored, or endorsed with/by Visualware, Inc. All graphics are being displayed under fair use for the purposes of this article.
Revisiting an Old Bug: File Upload to Code Execution
A colleague recently contacted…
What Every Malware Analyst Should Know About PE Relocations https://malwareid.in/unpack/unpacking-basics/pe-relocation-table
MalwareID Unpacking Guide
PE relocation Table
The Portable Executable (PE) base relocation table is crucial in Windows executable files. It handles memory addresses for functions and data, making sure the program runs well no matter where it's loaded in memory.
Puncia - Subdomain And Exploit Hunter Powered By AI https://www.kitploit.com/2023/10/puncia-subdomain-and-exploit-hunter.html
KitPloit - PenTest & Hacking Tools
Puncia - Subdomain And Exploit Hunter Powered By AI
Inject My PDF: Prompt Injection for your Resume https://kai-greshake.de/posts/inject-my-pdf/
CRLFuzz - A fast tool to scan CRLF vulnerability written in Go https://hakin9.org/crlfuzz-a-fast-tool-to-scan-crlf-vulnerability-written-in-go/
Hakin9 - IT Security Magazine
CRLFuzz - A fast tool to scan CRLF vulnerability written in Go
The installation is easy. You can download a prebuilt binary from the releases page, unpack and run! or with
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/
Microsoft News
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Financially motivated threat actor Octo Tempest's evolving campaigns represent growing concern for organizations across multiple industries.
Measuring the Potential Impact of PIPEDREAM Malware OPC UA Module, MOUSEHOLE https://www.dragos.com/blog/potential-impact-of-pipedream-malware-module-mousehole/
Dragos | Industrial (ICS/OT) Cyber Security
Measuring the Potential Impact of PIPEDREAM Malware OPC UA Module, MOUSEHOLE | Dragos
Discover our testing results on an experiment named MOUSELAB, a derivation of PIPEDREAM OPC UA Module, MOUSEHOLE, to assess the impacts of its capabilities.
Issue 1458911: Security: Libxslt arbitrary file reading using document() method and external entities https://bugs.chromium.org/p/chromium/issues/detail?id=1458911
Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747 https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
Praetorian
Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747
Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. We decided to focus on the F5 BIG-IP suite…
Threat Hunting: Detecting Browser Credential Stealing [T1555.003] https://fourcore.io/blogs/threat-hunting-browser-credential-stealing
FourCore
Threat Hunting: Detecting Browser Credential Stealing [T1555.003]
Adversaries can steal credentials, cookies and other private data from browsers using various techniques. We cover how you can simulate Credential Stealing From Browsers and detect it with your security tools. Sigma Rules Inside.
From Akamai to F5 to NTLM... with love https://blog.malicious.group/from-akamai-to-f5-to-ntlm/
Malicious Group
From Akamai to F5 to NTLM... with love.
In this paper I will expose critical flaws in Akamai's implementation that lead to NTLM credential exposure. I'll demonstrate how these vulnerabilities chain across F5 infrastructure, presenting attack techniques and essential mitigations for defenders.
Pentest-Report TOR Browser & OONI https://blog.torproject.org/security-audit-report-tor-browser-ooni/TTP-01-report.pdf
Ragnar Locker ransomware uses a clever trick to dodge detection https://tech.hindustantimes.com/tech/news/a-new-ransomware-uses-virtual-machine-to-dodge-security-71590409211492.html
HT Tech
A new ransomware uses virtual machine to dodge security
Ragnar Locker remains out of reach of the security software.
Turning a boring file move into a privilege escalation on Mac https://pwn.win/2023/10/28/file-move-privesc-mac.html
pwn.win
Turning a boring file move into a privilege escalation on Mac
While poking around Parallels Desktop I found a script which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not…
Our server has been under maintenance since last Friday (with continuous ups and downs). We are sorry to inform you that it will not be fully operational again until next January 2nd (with any luck). Stay tuned for more infosec news soon!