IMPLEMENTATION OF SIGNAL HANDLING https://courses.cms.caltech.edu/cs124/lectures-wi2016/CS124Lec15.pdf
A christmas tale: pwning GTB Central Console (CVE-2024-22107 & CVE-2024-22108) https://adepts.of0x.cc/gtbcc-pwned/
Yet another security platform being pwned by trivial vulnerabilities (CVE-2024-22107 & CVE-2024-22108)
Linux SLUB Allocator Internals and Debugging, Part 1 of 4 https://blogs.oracle.com/linux/post/linux-slub-allocator-internals-and-debugging-1
The first in a series of blogs discussing the internals of the Linux SLUB allocator and techniques available to assist with debugging issues.
Chrome 0day in Skia (CVE-2023-6435) https://twitter.com/zerodaytraining/status/1730184167936401466
Ubuntu Shiftfs: Unbalanced Unlock Exploitation Attempt, CVE-2023-2612 (Grehack 2023) https://www.synacktiv.com/sites/default/files/2023-11/ubuntu_shiftfs.pdf
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 2 of 2 https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/
Learn all about the 35-year-old vulnerabilities found by our Security Team in libX11, causing a denial-of-service and remote code execution.
SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution https://ssd-disclosure.com/ssd-advisory-zyxel-vpn-series-pre-auth-remote-command-execution
Summary: Chaining of three vulnerabilities allows unauthenticated attackers to execute arbitrary command with root privileges on Zyxel VPN firewall (VPN50, VPN100, VPN300, VPN500, VPN1000). Due to recent attack surface changes in Zyxel, the chain described…
We build X.509 chains so you don’t have to https://blog.trailofbits.com/2024/01/25/we-build-x-509-chains-so-you-dont-have-to/
For the past eight months, Trail of Bits has worked with the Python Cryptographic Authority to build cryptography-x509-verification, a brand-new, pure-Rust implementation of the X.509 path validation algorithm that TLS and other encryption and authentication…
Linux debugging, profiling, tracing and performance analysis training https://bootlin.com/training/debugging/
Rook to XSS: How I hacked chess.com with a rookie exploit https://skii.dev/rook-to-xss/
Playing Chess is one of the many hobbies I like to do in my spare time, apart from tinkering around with technology. However, I'm not very good at it, and after losing many games, I decided to see if I could do something I'm much better at; hacking the system!
Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100 https://research.nccgroup.com/2023/12/04/shooting-yourself-in-the-flags-jailbreaking-the-sonos-era-100/
“Scammers Paradise” —Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing Operations https://labs.guard.io/scammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
Ransomware’s PLAYing a Broken Game https://www.cyberark.com/resources/threat-research-blog/ransomwares-playing-a-broken-game
Abstract: The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is...
ModSecurity: Path Confusion and really easy bypass on v2 and v3 https://blog.sicuranext.com/modsecurity-path-confusion-bugs-bypass/
TL;DR both ModSecurity v2 and v3 share a similar bug that can result in a really simple WAF bypass. The bug in the v3 branch has been fixed in version 3.0.12 and has been assigned the CVE number CVE-2024-1019. However, the bug in the v2 line remains
Bypassing ASLR and DEP on Windows 7: The Audio Converter Case https://tekwizz123.blogspot.com/2014/02/bypassing-aslr-and-dep-on-windows-7.html
Intro: Just before we start, a little shoutout to https://formatmysourcecode.blogspot.co.uk/ for making all the exploit code look neat n ti...
Persistence – Windows Setup Script https://pentestlab.blog/2024/02/05/persistence-windows-setup-script/
When the Windows Operating system is installed via a clean installation or via an upgrade, the Windows Setup binary is executed. The Windows setup allows custom scripts to be executed such as the S…
OPC UA Deep Dive Series (Part 9): Chaining Vulnerabilities to Exploit Softing OPC UA Integration Server https://claroty.com/team82/research/opc-ua-deep-dive-series-part-9-chaining-vulnerabilities-to-exploit-softing-opc-ua-integration-server
In part nine of Claroty Team82's OPC UA Deep Dive Series, we describe remote code execution (RCE) attacks against OPC UA integration servers. We uncovered five new vulnerabilities during our research of the Softing Secure Integration Server, which we were…
Uncovering Hidden Threats with VirusTotal Code Insight https://blog.virustotal.com/2024/01/uncovering-hidden-threats-with.html
In the constantly changing world of cybersecurity, generative AI is becoming an increasingly valuable tool. This blog post shows various exa...
Resolving code review comments with ML https://research.google/blog/resolving-code-review-comments-with-ml/
Posted by Alexander Frömmgen, Staff Software Engineer, and Lera Kharatyan, Senior Software Engineer, Core Systems & Experiences Code-change rev...
SSD Advisory – TOTOLINK LR1200GB Auth Bypass https://ssd-disclosure.com/ssd-advisory-totolink-lr1200gb-auth-bypass/
Summary: A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface. Additional post-auth vulnerabilities in the product allow for command injection and their…