The Present Threat of Row Hammer Attacks https://medium.com/@don.aust/the-present-threat-of-row-hammer-attacks-f504e3017047
In 2014 Google researchers discovered strange interference between memory locations in DDR3, DDR4, and DDR5 Random Access Memory (RAM). On…
Building an Exploit for FortiGate Vulnerability CVE-2023-27997 https://bishopfox.com/blog/building-exploit-fortigate-vulnerability-cve-2023-27997
Learn how Bishop Fox built a POC exploit for the pre-authentication remote code injection vulnerability in the Fortinet SSL VPN published by Lexfo.
BPF Memory Forensics with Volatility 3 https://lolcads.github.io/posts/2023/12/bpf_memory_forensics_with_volatility3/
Introduction and Motivation: Have you ever wondered what an eBPF rootkit looks like? Well, here’s one, have a good look:
Upon receiving a command and control (C2) request, this specimen can execute arbitrary commands on…
Scheduled Task Tampering https://ipurple.team/2024/01/03/scheduled-task-tampering/
The HAFNIUM threat actor is using an unconventional method to tamper with scheduled tasks in order to establish persistence via modification of registry keys in their malware called Tarrask. The benefit…
Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords https://blog.redteam-pentesting.de/2024/bitwarden-heist/
Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails https://thehackernews.com/2024/01/smtp-smuggling-new-threat-enables.html
Telerecon: A reconnaissance framework for researching and investigating Telegram. https://github.com/sockysec/Telerecon
Security: [0-day] heap overflow in vp8_encode_frame after frame re-sizing https://issues.chromium.org/issues/40073300
2023 CVE Data Review https://jerrygamblin.com/2024/01/03/2023-cve-data-review/
APT28: From Initial Damage to Domain Controller Threats in an Hour (CERT-UA#8399) https://medium.com/cyberscribers-exploring-cybersecurity/apt28-from-initial-damage-to-domain-controller-threats-in-an-hour-cert-ua-8399-1944dd6edcdf
Translation of the CERT-UA Alert and Technical Analysis
backdoor in upstream xz/liblzma leading to ssh server compromise https://www.openwall.com/lists/oss-security/2024/03/29/4 (check your systems and update ASAP)
Bandook RAT Variant Resurfaces, Targeting Windows Machines https://www.leet.lat/threads/bandook-rat-variant-resurfaces-targeting-windows-machines.507/
Dark.charity
It's January 2024 and there is a new troublemaker in town! Meet Bandook, the sneaky remote access trojan that's causing a ruckus on Windows machines.
Exploiting n-day in Home Security Camera https://0xbigshaq.github.io/2024/01/05/tp-link-tapo-c100/
CVE-2023-49070/51467 - Attacking & Defending Apache OFBiz https://www.prio-n.com/blog/cve-2023-49070-51467-attacking-defending-Apache-OFBiz
Deceptive Cracked Software Spreads Lumma Variant on YouTube https://www.fortinet.com/blog/threat-research/lumma-variant-on-youtube
FortiGuard Labs uncovered a threat group using YouTube channels to spread Private .NET loader for Lumma Stealer 4.0. Learn more.…
CVE-2024-21633: MobSF Remote code execution (via CVE-2024-21633) https://github.com/0x33c0unt/CVE-2024-21633
How I pwned half of America’s fast food chains, simultaneously. https://mrbruh.com/chattr/
Also check out Eva’s blog post of this event.
With an upbeat pling my console alerted me that my script had finished running, to be precise it was searching for exposed Firebase credentials on…
Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360 https://blog.securelayer7.net/unauthorized-rce-in-adobe-coldfusion/
Overview: CVE-2023-26360 was exploited in the wild in the Adobe ColdFusion product, a commercial application server for rapid web application development. The vulnerability affects both the 2018 and...