io_uring_LPE-CVE-2023-2598: LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel. https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598
GitHub
GitHub - ysanatomic/io_uring_LPE-CVE-2023-2598: LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel.
LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel. - ysanatomic/io_uring_LPE-CVE-2023-2598
Great series here >> CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4) https://blog.lexfo.fr/cve-2017-11176-linux-kernel-exploitation-part1.html
Process Injection - Avoiding Kernel Triggered Memory Scans https://www.r-tec.net/r-tec-blog-process-injection-avoiding-kernel-triggered-memory-scans.html
www.r-tec.net
Blog Process Injection
This Blog will show a novel way to avoid detections for Process Injection triggered by ETWti from Kernel.
Deep Lateral Movement in OT Networks https://www.forescout.com/resources/l1-lateral-movement-report
Log4Shell - different avenues of exploitation https://olexvel.substack.com/p/log4shell-different-avenues-of-exploitation
Olex’s Substack
Log4Shell - different avenues of exploitation
This is a story about different ways to achieve RCE through the Java Log4j2 vulnerability (Log4Shell, CVE-2021-44228). And while some methods may not work, others may.
XWorm Malware: Exploring C&C Communication https://any.run/cybersecurity-blog/xworm-malware-communication-analysis/
ANY.RUN's Cybersecurity Blog
XWorm Malware: Exploring C&C Communication - ANY.RUN's Cybersecurity Blog
Explore XWorm's communication encryption, uncover decryption methods, and see the data and commands the malware transmits.
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks https://research.checkpoint.com/2023/the-platform-matters-a-comparative-study-on-linux-and-windows-ransomware-attacks/
Check Point Research
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks - Check Point Research
Research by: Marc Salinas Fernandez. During the last few months, we conducted a study of some of the top ransomware families (12 in total) that either directly developed ransomware for Linux systems or were developed in languages with…
A Look at IPStorm - Cross-Platform Malware Written in Go https://maldbg.com/ipstorm-golang-malware-windows
CVE-2023-46604-Attacking & Defending ActiveMQ https://www.prio-n.com/blog/cve-2023-46604-attacking-defending-ActiveMQ
PRIOn - AI Driven Vulnerability Analysis & Prioritization
Blog - CVE-2023-46604-Attacking & Defending ActiveMQ - PRIOn
CVE-2023-46604 discloses a Remote Code Execution (RCE) flaw within Apache ActiveMQ. This vulnerability is trivial to exploit and is leveraged by threat actors.
SRE deep dive into Linux Page Cache https://biriukov.dev/docs/page-cache/0-linux-page-cache-for-sre/
Viacheslav Biriukov
Linux Page Cache for SRE
SRE deep dive into Linux Page Cache. Last updated: Oct 2025. Contents:
Prepare environment for experiments; Essential Page Cache theory; Page Cache and basic file operations; Page Cache eviction and page reclaim; More about mmap() file access; cgroup v2 and Page…
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel https://blog.immunityinc.com/p/a-remote-stack-overflow-in-the-linux-kernel/?ref=0xor0ne.xyz
Immunity Inc. Blog
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel
Appgate Threat Advisory Services (CANVAS) discovered a vulnerability, where local or remote exploitation can lead to denial of service and code execution. Read more on the discovery and how to remediate.…
BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses https://francozappa.github.io/post/2023/bluffs-ccs23/
Daniele Antonioli
BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses | Daniele Antonioli
Breaking and fixing the Bluetooth standard. One More Time.
Paper Slides Toolkit CVE-2023-24023 BT SIG note
Good series here on NAT >> Everything you never knew about NATs and wish you hadn't asked https://educatedguesswork.org/posts/nat-part-1/
educatedguesswork.org
Everything you never knew about NATs and wish you hadn't asked
In which I talk about NAT, but mostly dunk on IPv6
Extracting Training Data from ChatGPT https://not-just-memorization.github.io/extracting-training-data-from-chatgpt.html
GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ https://www.fortinet.com/blog/threat-research/gotitan-botnet-exploitation-on-apache-activemq
Fortinet Blog
GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ
FortiGuardLabs uncovers the ongoing exploits targeting CVE-2023-46604, with the emergence of a new Golang botnet "GoTitan". Learn more. …