CVE-2024-0517 (Out of Bounds Write in V8) https://cwresearchlab.co.kr/entry/CVE-2024-0517-Out-of-Bounds-Write-in-V8
CW Research
CVE-2024-0517 (Out of Bounds Write in V8)
Introduction CVE-2024-0517은 Maglev가 derived constructor를 컴파일하는 과정에서 allocation folding을 처리할 때 발생하는 버그로, out of bounds write를 이용하여 arbitrary code execution이 가능한 취약점입니다. Environment Setting # install depot_tools cd ~ git clone https://chromium.googlesource…
Stranger Strings: An exploitable flaw in SQLite https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
The Trail of Bits Blog
Stranger Strings: An exploitable flaw in SQLite
Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022).…
JSON Smuggling: A far-fetched intrusion detection evasion technique https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f
Medium
JSON Smuggling: A far-fetched intrusion detection evasion technique
TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…
TinyTurla Next Generation - Turla APT spies on Polish NGOs https://blog.talosintelligence.com/tinyturla-next-generation/
Cisco Talos Blog
TinyTurla Next Generation - Turla APT spies on Polish NGOs
This new backdoor we’re calling “TinyTurla-NG” (TTNG) is similar to Turla’s previously disclosed implant, TinyTurla, in coding style and functionality implementation.
👍2
How to protect Evilginx using Cloudflare and HTML Obfuscation https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation
Jack Button
How to protect Evilginx using Cloudflare and HTML Obfuscation
Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements. Anyone who has tried to run a Social…
Load-time relocation of shared libraries https://eli.thegreenplace.net/2011/08/25/load-time-relocation-of-shared-libraries/
JavaScript Debugging with Maglev Compiler https://vxrl.medium.com/javascript-debugging-with-maglev-compiler-6b2a26cb1a3a
Medium
JavaScript Debugging with Maglev Compiler
Twitter: @Darkfloyd1014
👍1
Unveiling Crypto Miner’s Stealthy Tactics: The Rise of Indirect Syscalls for Evasion https://labs.k7computing.com/index.php/unveiling-crypto-miners-stealthy-tactics-the-rise-of-indirect-syscalls-for-evasion/
K7 Labs
Unveiling Crypto Miner’s Stealthy Tactics: The Rise of Indirect Syscalls for Evasion
Recently we got our hands on a set of samples which had a big data section with high entropy and […]
Position Independent Code (PIC) in shared libraries https://eli.thegreenplace.net/2011/11/03/position-independent-code-pic-in-shared-libraries/
The Attackers Guide to Azure AD Conditional Access https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/
Daniel Chronlund Cloud Security Blog
The Attackers Guide to Azure AD Conditional Access
Conditional Access is one of Microsoft’s most powerful security features and the central engine for their zero trust architecture. It’s no secret that I love working with Conditional Ac…
Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System https://www.aquasec.com/blog/snap-trap-the-hidden-dangers-within-ubuntus-package-suggestion-system/
Aqua
Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu's command-not-found package and the snap package repository.
Staying ahead of threat actors in the age of AI https://www.microsoft.com/en-us/security/blog/2024/02/14/staying-ahead-of-threat-actors-in-the-age-of-ai/
Microsoft News
Staying ahead of threat actors in the age of AI
Microsoft and OpenAI research on emerging AI threats focusing on threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm.
Microsoft 365 AiTM detection: the lessons learned https://zolder.io/microsoft-365-aitm-detection-the-lessons-learned/
Zolder B.V.
Microsoft 365 AiTM detection: the lessons learned
The beginning of January we released a new way to detect AiTM attacks on your Microsoft 365 environment. In just one month, we are protecting over 100 tenants with this new approach. We were able t…
Exploiting Unsynchronised Clocks https://attackshipsonfi.re/p/exploiting-unsynchonised-clocks
attackshipsonfi.re
Exploiting Unsynchronised Clocks
TL;DR According to data from RIPE, over 40% of computers attached to the Internet have a few seconds of clock drift, which with the right combination of headers, will make an HTTP response unintentionally cacheable.
Diving into the DICOM file format https://voidzone.me/posts/diving-into-the-dicom-file-format/
Docker Security – Step-by-Step Hardening (Docker Hardening) https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/
ReynardSec
Docker Security - Step-by-Step Hardening (Docker Hardening) - ReynardSec
This article provides practical recommendations for configuring Docker platform aimed at increasing its security. It also suggests tools helpful in automation of some tasks related to securing Docker.
👍1
Type Libraries Unleashed: Powering Macros with DLL Insights https://posts.redteamtacticsacademy.com/type-libraries-unleashed-powering-macros-with-dll-insights-9bcff8404017
Medium
Type Libraries Unleashed: Powering Macros with DLL Insights
Recently, I was revisiting Outflank’s treasure trove of insights when an article from March 2023 caught my eye — specifically, “Attacking…
👍1