Turning a boring file move into a privilege escalation on Mac https://pwn.win/2023/10/28/file-move-privesc-mac.html
pwn.win
While poking around Parallels Desktop I found a script which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not…
Our server has been under maintenance since last Friday (with continuous ups and downs). We are sorry to inform you that it will not be fully operational again until next January 2nd (with any luck). Stay tuned for more infosec news soon!
Our entire team wishes you and yours a Happy New Year! ❤️
The Importance of Self-Custody Password Managers: A Deep Dive https://nomadscrolls.net/2023/10/29/the-importance-of-self-custody-password-managers-a-deep-dive/
NetSupport Intrusion Results in Domain Compromise https://thedfirreport.com/2023/10/30/netsupport-intrusion-results-in-domain-compromise/
The DFIR Report
NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report on a NetSupport RAT intrus…
$1000 Bug using simple Graphql Introspection query https://infosecwriteups.com/1000-bug-using-simple-graphql-introspection-query-b68da8260877
Medium
Welcome to my blog! In this post, I will be discussing my experience in the security testing of an application’s implementation of…
PoC released for Microsoft WordPad CVE-2023-36563 flaw exploited in attacks https://securityonline.info/poc-released-for-microsoft-wordpad-cve-2023-36563-flaw-exploited-in-attacks/
Cybersecurity News
Not only does it address CVE-2023-36563, but it also patches up two more zero-day vulnerabilities that hackers have been exploiting
Do you know Scapy? You can test it from your own browser https://scapy.net/?try=1
Unpatched NGINX ingress controller bugs can be abused to steal Kubernetes cluster secrets https://www.theregister.com/2023/10/30/unpatched_nginx_ingress_controller_bugs/
The Register
Just tricks, no treats with these 3 vulns
Nice website to find all DNS records for a domain name https://www.nslookup.io/
NsLookup.io
DNS Lookup Tool – Check DNS Records and Nameservers
Explore fast and reliable DNS lookup tools, domain information, and essential network utilities all in one place on NSLookup.io.
Trail of Bits Blog https://blog.trailofbits.com/2023/10/30/the-issue-with-ats-in-apples-macos-and-ios/
The Trail of Bits Blog
The issue with ATS in Apple’s macOS and iOS
Trail of Bits is publicly disclosing a vulnerability (CVE-2023-38596) that affects iOS, iPadOS, and tvOS before version 17, macOS before version 14, and watchOS before version 10. The flaw resides in Apple’s App Transport Security (ATS) protocol handling.…
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables https://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
David's Blog
Analysis and exploitation of Linux kernel vulnerabilities CVE-2022-1015 and CVE-2022-1016. I talk about how I found these vulnerabilities, explain the internals of nf_tables and come up with a local privilege escalation exploitation strategy.
Red vs. Blue: Kerberos Ticket Times, Checksums, and You! https://trustedsec.com/blog/red-vs-blue-kerberos-ticket-times-checksums-and-you
TrustedSec
As we dove into our research of building IOAs, we often found ourselves examining ticket times and checksums and were repeatedly surprised by the lack of…
Hacking Some More Secure USB Flash Drives (Part I) https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
SySS Tech Blog
During a research project in the beginning of 2022, SySS IT security expert Matthias Deeg found several security vulnerabilities in different tested USB flash drives with AES hardware encryption.
Hacking Some More Secure USB Flash Drives (Part II) https://blog.syss.com/posts/hacking-usb-flash-drives-part-2/
SySS Tech Blog
In the second article of this series, SySS IT security expert Matthias Deeg presents security vulnerabilities found in another crypto USB flash drive with AES hardware encryption.
Windows CE Reaches End of Life, If Not End of Sales https://tech.slashdot.org/story/23/10/30/1722236/windows-ce-reaches-end-of-life-if-not-end-of-sales
tech.slashdot.org
Microsoft's dedicated OS for embedded and pocket devices, Windows CE, has reached the end of its support lifetime. From a report: Windows CE -- and there's never been an official explanation of what the WinCE-inducing name stood for -- debuted in November…
Microsoft announces Security Copilot early access program https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-security-copilot-early-access-program/
BleepingComputer
Microsoft announced this week that its ChatGPT-like Security Copilot AI assistant is now available in early access for some customers.
Project Flash update: Advancing Azure Virtual Machine availability monitoring https://azure.microsoft.com/en-us/blog/project-flash-update-advancing-azure-virtual-machine-availability-monitoring/
Microsoft Azure Blog
Sharing the latest advancements in improving VM availability monitoring for customers with Project Flash. Learn more.
Fixing the Volume on my Bluetooth Earbuds: A bit of reverse engineering goes a long way https://blog.ornx.net/post/bluetooth-volume-fix/
norn's blog
Fixing the Volume on my Bluetooth Earbuds
A bit of reverse engineering goes a long way