Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887 https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/
watchTowr Labs
Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887
Did you have a good break? Have you had a chance to breathe? Wake up.
It’s 2024, and the chaos continues - thanks to Volexity (Volexity’s writeup), the industry has been alerted to in-the-wild exploitation of 2 incredibly serious 0days (CVE-2023-46805 and…
CVE-2023-7028: This repository presents a proof-of-concept of CVE-2023-7028 https://github.com/Vozec/CVE-2023-7028
GitHub
GitHub - Vozec/CVE-2023-7028: This repository presents a proof-of-concept of CVE-2023-7028
This repository presents a proof-of-concept of CVE-2023-7028 - Vozec/CVE-2023-7028
Restoring Dyld Memory Loading https://blog.xpnsec.com/restoring-dyld-memory-loading/
XPN InfoSec Blog
@_xpn_ - Restoring Dyld Memory Loading
Up until recently, we've enjoyed in-memory loading of Mach-O bundles courtesy of dyld and its NSCreateObjectFileImageFromMemory/NSLinkModule API methods. And while these methods still exist today, there is a key difference... memory modules are now persisted…
CTF challenges including concepts within Hardware Hacking, Embedded Systems and IoT https://exploitthis.ctfd.io
Stealing the Bitlocker key from a TPM https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/
CVE-2024-20656 – Local Privilege Escalation in the VSStandardCollectorService150 Service https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
MDSec
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this...
Inside CVE-2024-20656: PoC Exploit Threatens Visual Studio Security https://securityonline.info/inside-cve-2024-20656-poc-exploit-threatens-visual-studio-security/
Cybersecurity News
Inside CVE-2024-20656: PoC Exploit Threatens Visual Studio Security
Details and proof-of-concept (PoC) exploit code have emerged about a now-patched security flaw, CVE-2024-20656, in Microsoft Visual Studio
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin https://www.wordfence.com/blog/2024/01/type-juggling-leads-to-two-vulnerabilities-in-post-smtp-mailer-wordpress-plugin/
Day 9 - XDR Incident Response insights https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day09-XDR-Insights-part1.md
GitHub
SecurityResearcher-Note/SecurityResearcher-Note-Folder/Day09-XDR-Insights-part1.md at main · LearningKijo/SecurityResearcher-Note
Cover various security approaches to attack techniques and also provides new discoveries about security breaches. - LearningKijo/SecurityResearcher-Note
Analysis of Android settings during a forensic investigation https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
blog.digital-forensics.it
Analysis of Android settings during a forensic investigation
DFIR research
New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html
Rooting the FiiO M6 - Part 1 - Using the "World's Worst Fuzzer" To Find A Kernel Bug https://stigward.github.io/posts/fiio-m6-kernel-bug/
Stigward’s Security Journal
Rooting the FiiO M6 - Part 1 - Using the “World’s Worst Fuzzer” To Find A Kernel Bug
Overview: A few months ago, I was cleaning off my hardware workbench when I came across my FiiO M6, an Android-based “portable high-resolution lossless music player”. I originally purchased the device to aid in my language learning studies and dabble in the…
Rooting the FiiO M6 - Part 2 - Writing an LPE Exploit For Our Overflow Bug https://stigward.github.io/posts/fiio-m6-exploit/
Stigward’s Security Journal
Rooting the FiiO M6 - Part 2 - Writing an LPE Exploit For Our Overflow Bug
Overview:
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html
Trend Micro
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.
Linux Kernel Teaching https://linux-kernel-labs.github.io/refs/heads/master/index.html
Android-based PAX POS vulnerabilities (Part 1) https://blog.stmcyber.com/pax-pos-cves-2023/
STM Cyber Blog
Android-based PAX POS vulnerabilities (Part 1) - STM Cyber Blog
In this article, we present details of 6 vulnerabilities on the Android POS devices made by the worldwide known company PAX Technology.
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
Quarkslab
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. - Quarkslab's blog
This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.
Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website https://eaton-works.com/2024/01/17/ttibi-email-hack/
Eaton-Works
Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website
A vulnerable API on Toyota Tsusho Insurance Broker India’s premium calculator website exposed Microsoft corporate cloud credentials.
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 1 of 2 https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-one/
JFrog
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability - Part 1 of 2
Learn all about the 35-year-old vulnerabilities found by our Security Team in libX11, causing a denial-of-service and remote code execution.