How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables https://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
David's Blog
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables
Analysis and exploitation of Linux kernel vulnerabilities CVE-2022-1015 and CVE-2022-1016. I talk about how I found these vulnerabilities, explain the internals of nf_tables and come up with a local privilege escalation exploitation strategy.
Red vs. Blue: Kerberos Ticket Times, Checksums, and You! https://trustedsec.com/blog/red-vs-blue-kerberos-ticket-times-checksums-and-you
TrustedSec
Red vs. Blue: Kerberos Ticket Times, Checksums, and You!
As we dove into our research of building IOAs, we often found ourselves examining ticket times and checksums and were repeatedly surprised by the lack of…
Hacking Some More Secure USB Flash Drives (Part I) https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
SySS Tech Blog
Hacking Some More Secure USB Flash Drives (Part I)
During a research project in the beginning of 2022, SySS IT security expert Matthias Deeg found several security vulnerabilities in different tested USB flash drives with AES hardware encryption.
Hacking Some More Secure USB Flash Drives (Part II) https://blog.syss.com/posts/hacking-usb-flash-drives-part-2/
SySS Tech Blog
Hacking Some More Secure USB Flash Drives (Part II)
In the second article of this series, SySS IT security expert Matthias Deeg presents security vulnerabilities found in another crypto USB flash drive with AES hardware encryption.
Windows CE Reaches End of Life, If Not End of Sales https://tech.slashdot.org/story/23/10/30/1722236/windows-ce-reaches-end-of-life-if-not-end-of-sales
tech.slashdot.org
Windows CE Reaches End of Life, If Not End of Sales
Microsoft's dedicated OS for embedded and pocket devices, Windows CE, has reached the end of its support lifetime. From a report: Windows CE -- and there's never been an official explanation of what the WinCE-inducing name stood for -- debuted in November…
Microsoft announces Security Copilot early access program https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-security-copilot-early-access-program/
BleepingComputer
Microsoft announces Security Copilot early access program
Microsoft announced this week that its ChatGPT-like Security Copilot AI assistant is now available in early access for some customers.
Project Flash update: Advancing Azure Virtual Machine availability monitoring https://azure.microsoft.com/en-us/blog/project-flash-update-advancing-azure-virtual-machine-availability-monitoring/
Microsoft Azure Blog
Project Flash update: Advancing Azure Virtual Machine availability monitoring | Microsoft Azure Blog
Sharing the latest advancements in improving VM availability monitoring for customers with Project Flash. Learn more.
Fixing the Volume on my Bluetooth Earbuds: A bit of reverse engineering goes a long way https://blog.ornx.net/post/bluetooth-volume-fix/
norn's blog
Fixing the Volume on my Bluetooth Earbuds
A bit of reverse engineering goes a long way
Lateral Movement: Abuse the Power of DCOM Excel Application https://posts.specterops.io/lateral-movement-abuse-the-power-of-dcom-excel-application-3c016d0d9922
Medium
Lateral Movement: Abuse the Power of DCOM Excel Application
In this post, we will talk about an interesting lateral movement technique that uses the ActivateMicrosoftApp() method within the distributed…
33 Protection Products: Strong Defense against Ransomware and Data Stealers https://www.av-test.org/en/news/33-protection-products-strong-defense-against-ransomware-and-data-stealers/
www.av-test.org
33 Protection Products: Strong Defense against Ransomware and Data Stealers
The list of companies, universities, colleges or facilities such as hospitals and public administrations subject to attack is growing longer and longer. Classic protection products or corporate solutions must harness all their protective techniques to fend…
CVE Crowd: web app that tracks CVE mentions on Mastodon https://cvecrowd.com/
Cvecrowd
CVE Crowd | Crowd Intelligence on CVEs
Keep track of actively discussed CVEs and integrate them into your application or business!
DOM-based race condition: racing in the browser for fun https://blog.ryotak.net/post/dom-based-race-condition/
blog.ryotak.net
DOM-based race condition: racing in the browser for fun
Disclaimer
All projects mentioned in this blog post have been contacted, and I confirmed that the behavior described in this article is either working as intended, already fixed, or will not be fixed.
TL;DR
The browser loads elements in the HTML from top…
Cisco IOS XE CVE-2023-20198: Deep Dive and POC https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/
Horizon3.ai
Cisco IOS XE CVE-2023-20198: Deep Dive and POC
Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might have used to exploit these vulnerabilities.
How to use John the Ripper for Windows Password Cracking https://www.keshavxplore.in/2023/10/how-to-use-john-ripper-for-windows-passwords-cracking.html
Keshav Xplore
How to use John the Ripper for Windows Password Cracking
Discover John the Ripper's password-cracking prowess. Crack Windows 10, 8, and 7 passwords and extract hashes with ease.
"The EKS Cluster Games" — a cloud security Capture The Flag (CTF) event https://www.wiz.io/blog/announcing-the-eks-cluster-games
wiz.io
Announcing the EKS Cluster Games | Wiz Blog
Test your investigation skills and K8s knowledge in a new Wiz-sponsored CTF event: the EKS Cluster Games!
Fortinet Series 3 — CVE-2022–42475 SSLVPN exploit strategy https://medium.com/@INTfinitySG/fortinet-series-3-cve-2022-42475-sslvpn-exploit-strategy-2578597f892f
Medium
Fortinet Series 3 — CVE-2022–42475 SSLVPN exploit strategy
In this article, we will attempt to explain the program flow, document the heap allocation pattern observed and the strategy to exploit the
The Art of Digital Forensics Report Writing https://www.linkedin.com/pulse/art-digital-forensics-report-writing-william-oettinger-cfce-cissp-8pyuc
Linkedin
The Art of Digital Forensics Report Writing
We have all heard the saying, "If you didn't document it, it didn't happen." This rings especially true in the world of digital forensics.
MDE-DFIR-Resources: A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more. https://github.com/cyb3rmik3/MDE-DFIR-Resources
GitHub
GitHub - cyb3rmik3/MDE-DFIR-Resources: A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging…
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more. - cyb3rmik3/MDE-DFIR-Resources
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991 https://qriousec.github.io/post/vbox-pwn2own-2023/
Qrious Secure
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991
Introduction Hi, I am Trung (xikhud). Last month, I joined Qrious Secure team as a new member, and my first target was to find and reproduce the security bugs that @bienpnn used at the Pwn2Own Vancouver 2023 to escape the VirtualBox VM.
Since VirtualBox is…
CVE-2023-34050 Spring AMQP Deserialization Remote Code Execution https://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution/
Pyn3Rd
CVE-2023-34050 Spring AMQP Deserialization Remote Code Execution
Preface: After analyzing the Spring Kafka deserialization vulnerability, I received another piece of threat intelligence information. According to the VMware official security bulletin, it implies that this v