Article 45 Will Roll Back Web Security by 12 Years https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years
Electronic Frontier Foundation
Article 45 Will Roll Back Web Security by 12 Years
The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate
AWS IoT Core: A Compromised Device Perspective https://seanpesce.blogspot.com/2023/11/aws-iot-core-compromised-device.html
Blogspot
AWS IoT Core: A Compromised Device Perspective
TL;DR I recently spent some time exploring the potential capabilities that an evil IoT device might have within an AWS...
Unveiling Vulnerabilities in HTTP Parsers: Exploiting Inconsistencies for Security Breaches https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies
Jupyter Rising: An Update on Jupyter Infostealer https://blogs.vmware.com/security/2023/11/jupyter-rising-an-update-on-jupyter-infostealer.html
VMware Security Blog
Jupyter Rising: An Update on Jupyter Infostealer
Contributor: Nikki Benoit. Executive Summary: New Jupyter Infostealer variants continue to evolve with simple yet impactful changes to the techniques used by the malware author. This improvement aims to avoid detection and establishes persistence, enabling…
BlueNoroff strikes again with new macOS malware https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/
Jamf
Jamf Threat Labs Discovers Malware from BlueNoroff
Newly discovered later-stage malware from BlueNoroff APT group targets macOS with characteristics similar to their RustBucket campaign.
nftables Adventures: Bug Hunting and N-day Exploitation (CVE-2023-31248) https://starlabs.sg/blog/2023/09-nftables-adventures-bug-hunting-and-n-day-exploitation/
STAR Labs
nftables Adventures: Bug Hunting and N-day Exploitation (CVE-2023-31248)
During my internship, I have been researching and trying to find bugs within the nftables subsystem. In this blog post, I will talk about a bug I have found, as well as the exploitation of an n-day discovered by Mingi Cho – CVE-2023-31248.
Introduction to…
Bypassing GLIBC 2.32’s Safe-Linking Without Leaks into Code Execution: The House of Rust https://c4ebt.github.io/2021/01/22/House-of-Rust.html
c4e's Blog
Bypassing GLIBC 2.32’s Safe-Linking Without Leaks into Code Execution: The House of Rust
The House of Rust is a heap exploitation technique that drops a shell against full PIE binaries that don’t leak any addresses.
The Swiss Knife - SystemBC | Coroxy https://rexorvc0.com/2023/11/12/Swiss-Knife-SystemBC-Coroxy/
RexorVc0
The Swiss Knife - SystemBC | Coroxy
Threat Researcher
Breaking out of Docker via runC – Explaining CVE-2019-5736 https://unit42.paloaltonetworks.com/breaking-docker-via-runc-explaining-cve-2019-5736/
Unit 42
Breaking out of Docker via runC – Explaining CVE-2019-5736
Last week (2019-02-11) a new vulnerability in runC was reported by its maintainers, originally found by Adam Iwaniuk and Borys Poplawski. Dubbed
Analyzing a Modern In-the-wild Android Exploit https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html
projectzero.google
Analyzing a Modern In-the-wild Android Exploit - Project Zero
By Seth Jenkins, Project Zero. Introduction: In December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsu...
LNK Files Distributed Through Breached Legitimate Websites (Detected by EDR) https://asec.ahnlab.com/en/58919/
ASEC BLOG
LNK Files Distributed Through Breached Legitimate Websites (Detected by EDR) - ASEC BLOG
AhnLab Security Emergency response Center (ASEC) detected circumstances of a malware strain being distributed through breached legitimate websites using various file names, prompting users to run them. This post will introduce how AhnLab EDR analyzes and…
Don’t throw a hissy fit; defend against Medusa https://research.nccgroup.com/2023/11/13/dont-throw-a-hissy-fit-defend-against-medusa/
Reverse Engineering a Cobalt Strike Dropper With Binary Ninja https://binary.ninja/2022/07/22/reverse-engineering-cobalt-strike.html
Binary Ninja
Binary Ninja - Reverse Engineering a Cobalt Strike Dropper With Binary Ninja
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
Tool Release: Cartographer https://research.nccgroup.com/2023/07/20/tool-release-cartographer/
Behind the Shield: Unmasking Scudo's Defenses https://www.synacktiv.com/en/publications/behind-the-shield-unmasking-scudos-defenses
Synacktiv
Behind the Shield: Unmasking Scudo's Defenses
How does Linux start a process ...and how to ptrace the entry point and m3ss w1th da stack https://iq.thc.org/how-does-linux-start-a-process
Escaping the sandbox: A bug that speaks for itself https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself/
Microsoft Browser Vulnerability Research
Escaping the sandbox: A bug that speaks for itself
Introduction
Executing from Memory Using ActiveMQ CVE-2023-46604 https://vulncheck.com/blog/cve-2023-44604-activemq-in-memory
VulnCheck
VulnCheck - Outpace Adversaries
Vulnerability intelligence that predicts avenues of attack with speed and accuracy.