New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html
Rooting the FiiO M6 - Part 1 - Using the "World's Worst Fuzzer" To Find A Kernel Bug https://stigward.github.io/posts/fiio-m6-kernel-bug/
Stigward’s Security Journal
Overview: A few months ago, I was cleaning off my hardware workbench when I came across my FiiO M6, an Android-based “portable high-resolution lossless music player”. I originally purchased the device to aid in my language learning studies and dabble in the…
Rooting the FiiO M6 - Part 2 - Writing an LPE Exploit For Our Overflow Bug https://stigward.github.io/posts/fiio-m6-exploit/
Stigward’s Security Journal
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html
Trend Micro
This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.
Linux Kernel Teaching https://linux-kernel-labs.github.io/refs/heads/master/index.html
Android-based PAX POS vulnerabilities (Part 1) https://blog.stmcyber.com/pax-pos-cves-2023/
STM Cyber Blog
In this article, we present details of 6 vulnerabilities in the Android-based POS devices made by the well-known company PAX Technology.
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
Quarkslab
This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.
Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website https://eaton-works.com/2024/01/17/ttibi-email-hack/
Eaton-Works
A vulnerable API on Toyota Tsusho Insurance Broker India’s premium calculator website exposed Microsoft corporate cloud credentials.
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 1 of 2 https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-one/
JFrog
Learn all about the 35-year-old vulnerabilities found by our Security Team in libX11, causing a denial-of-service and remote code execution.
New Microsoft Incident Response guides help security teams analyze suspicious activity https://www.microsoft.com/en-us/security/blog/2024/01/17/new-microsoft-incident-response-guides-help-security-teams-analyze-suspicious-activity/
Microsoft News
Access the first two cloud investigation guides from Microsoft Incident Response to improve triage and analysis of data in Microsoft 365 and Microsoft Entra ID.
Artifact Reference Guide (created by the Microsoft Incident Response Team) https://www.microsoft.com/content/dam/microsoft/final/en-us/microsoft-brand/documents/MSFT-IR-UAL-Entra-Guide-JAN24.pdf
Reversing and Tooling a Signed Request Hash in Obfuscated JavaScript https://buer.haus/2024/01/16/reversing-and-tooling-a-signed-request-hash-in-obfuscated-javascript/
Security Brief: TA866 Returns with a Large Email Campaign https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta866-returns-large-email-campaign
Proofpoint
What happened: Proofpoint researchers identified the return of TA866 to email threat campaign data, after a nine-month absence. On January 11, 2024, Proofpoint blocked a large volume
Exploiting null-dereferences in the Linux kernel https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
projectzero.google
Posted by Seth Jenkins, Project Zero. For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when the kernel was able t...
Emulating an iPod Touch 2G using QEMU https://devos50.github.io/blog/2023/ipod-touch-2g-qemu/
devos50.github.io
Emulating an iPod Touch 2G using QEMU | Martijn de Vos
My personal website.
$80M in Crypto Disappears Into Drainer-as-a-Service Malware Hell https://www.darkreading.com/cloud-security/80m-crypto-disappears-drainer-malware-hell
Dark Reading
The "Infernal Drainer" campaign represents a dangerous evolution in crypto-drainers, believably spoofing Coinbase and maintaining a vast infrastructure-for-rent biz.
A Full Analysis of the Pure Malware Family: Unique and Growing Threat https://any.run/cybersecurity-blog/pure-malware-family-analysis/
ANY.RUN's Cybersecurity Blog
Explore a detailed analysis of PureCrypter, PureLogs, and PureMiner, three representatives of the Pure malware family.
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs https://www.microsoft.com/en-us/security/blog/2024/01/17/new-ttps-observed-in-mint-sandstorm-campaign-targeting-high-profile-individuals-at-universities-and-research-orgs/
Microsoft News
A distinct subset of Mint Sandstorm targets high-profile individuals working on Middle Eastern affairs at universities and research orgs.