Debug Case Study: SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging%20Case%20Studies/Debug%20Case%20Study%3A%20SharePoint%20Pre-Auth%20Code%20Injection%20RCE%20chain%20CVE-2023-29357%20%26%20CVE-2023-24955
GitHub
InsightEngineering/Debugging Case Studies/Debug Case Study: SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023…
Hardcore Debugging. Contribute to DebugPrivilege/InsightEngineering development by creating an account on GitHub.
Atomic Stealer rings in the new year with updated version https://www.malwarebytes.com/blog/threat-intelligence/2024/01/atomic-stealer-rings-in-the-new-year-with-updated-version
Malwarebytes
Atomic Stealer rings in the new year with updated version
Mac users should be aware of an active distribution campaign via malicious ads delivering Atomic Stealer. The latest iteration of the malware is stealthy thanks to added encryption and obfuscation of its code.
How I Discovered an RCE Vulnerability in Tesla, Securing a $10,000 Bounty https://medium.com/@sahul1996l/how-i-discovered-an-rce-vulnerability-in-tesla-securing-a-10-000-bounty-62e725c2a6bd
Medium
The Hidden Gateway: How Extensive Recon Unlocked RCE on a Tesla Infrastructure
Myself: I am Raguraman, Security Researcher 🛡️ | Bug Hunter | CTF Player | Secured @ Tesla, Apple, Amazon, Oracle & more
Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services https://www.sentinelone.com/labs/exploring-fbot-python-based-malware-targeting-cloud-and-payment-services/
SentinelOne
Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services
FBot arms threat actors with a multi-function attack tool designed to hijack cloud, SaaS and web services.
Building a Custom Mach-O Memory Loader for macOS - Part 1 https://blog.xpnsec.com/building-a-mach-o-memory-loader-part-1/
XPN InfoSec Blog
@_xpn_ - Building a Custom Mach-O Memory Loader for macOS - Part 1
In this blog we'll look at what it takes to construct an in-memory loader for Mach-O bundles within macOS Ventura without using dyld. We'll walk through the lower-level details of what makes up a Mach-O file, how dyld processes load commands to map areas into…
VBA: having fun with macros, overwritten pointers & R/W/X memory https://adepts.of0x.cc/vba-hijack-pointers-rwa/
VBA: having fun with macros, overwritten pointers & R/W/X memory | AdeptsOf0xCC
Article describing an alternative method to trigger shellcode execution
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887 https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/
watchTowr Labs
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887
Did you have a good break? Have you had a chance to breathe? Wake up.
It’s 2024, and the chaos continues - thanks to Volexity (Volexity’s writeup), the industry has been alerted to in-the-wild exploitation of 2 incredibly serious 0days (CVE-2023-46805 and…
CVE-2023-7028: This repository presents a proof-of-concept of CVE-2023-7028 https://github.com/Vozec/CVE-2023-7028
GitHub
GitHub - Vozec/CVE-2023-7028: This repository presents a proof-of-concept of CVE-2023-7028
This repository presents a proof-of-concept of CVE-2023-7028 - Vozec/CVE-2023-7028
Restoring Dyld Memory Loading https://blog.xpnsec.com/restoring-dyld-memory-loading/
XPN InfoSec Blog
@_xpn_ - Restoring Dyld Memory Loading
Up until recently, we've enjoyed in-memory loading of Mach-O bundles courtesy of dyld and its NSCreateObjectFileImageFromMemory/NSLinkModule API methods. And while these methods still exist today, there is a key difference: memory modules are now persisted…
CTF challenges including concepts within Hardware Hacking, Embedded Systems and IoT https://exploitthis.ctfd.io
Stealing the Bitlocker key from a TPM https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/
CVE-2024-20656 – Local Privilege Escalation in the VSStandardCollectorService150 Service https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
MDSec
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this...
Inside CVE-2024-20656: PoC Exploit Threatens Visual Studio Security https://securityonline.info/inside-cve-2024-20656-poc-exploit-threatens-visual-studio-security/
Cybersecurity News
Inside CVE-2024-20656: PoC Exploit Threatens Visual Studio Security
Details and proof-of-concept (PoC) exploit code have emerged about a now-patched security flaw, CVE-2024-20656, in Microsoft Visual Studio
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin https://www.wordfence.com/blog/2024/01/type-juggling-leads-to-two-vulnerabilities-in-post-smtp-mailer-wordpress-plugin/
Day 9 - XDR Incident Response insights https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day09-XDR-Insights-part1.md
GitHub
SecurityResearcher-Note/SecurityResearcher-Note-Folder/Day09-XDR-Insights-part1.md at main · LearningKijo/SecurityResearcher-Note
Cover various security approaches to attack techniques and also provides new discoveries about security breaches. - LearningKijo/SecurityResearcher-Note
Analysis of Android settings during a forensic investigation https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
blog.digital-forensics.it
Analysis of Android settings during a forensic investigation
DFIR research
New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html
Rooting the FiiO M6 - Part 1 - Using the "World's Worst Fuzzer" To Find A Kernel Bug https://stigward.github.io/posts/fiio-m6-kernel-bug/
Stigward’s Security Journal
Rooting the FiiO M6 - Part 1 - Using the “World’s Worst Fuzzer” To Find A Kernel Bug
Overview: A few months ago, I was cleaning off my hardware workbench when I came across my FiiO M6, an Android-based “portable high-resolution lossless music player”. I originally purchased the device to aid in my language learning studies and dabble in the…
Rooting the FiiO M6 - Part 2 - Writing an LPE Exploit For Our Overflow Bug https://stigward.github.io/posts/fiio-m6-exploit/
Stigward’s Security Journal
Rooting the FiiO M6 - Part 2 - Writing an LPE Exploit For Our Overflow Bug
Overview: