Staying ahead of threat actors in the age of AI https://www.microsoft.com/en-us/security/blog/2024/02/14/staying-ahead-of-threat-actors-in-the-age-of-ai/
Microsoft News
Microsoft and OpenAI research on emerging AI threats focusing on threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm.
Microsoft 365 AiTM detection: the lessons learned https://zolder.io/microsoft-365-aitm-detection-the-lessons-learned/
Zolder B.V.
The beginning of January we released a new way to detect AiTM attacks on your Microsoft 365 environment. In just one month, we are protecting over 100 tenants with this new approach. We were able t…
Exploiting Unsynchronised Clocks https://attackshipsonfi.re/p/exploiting-unsynchonised-clocks
attackshipsonfi.re
TL;DR According to data from RIPE, over 40% of computers attached to the Internet have a few seconds of clock drift, which with the right combination of headers, will make an HTTP response unintentionally cacheable.
Diving into the DICOM file format https://voidzone.me/posts/diving-into-the-dicom-file-format/
Docker Security – Step-by-Step Hardening (Docker Hardening) https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/
ReynardSec
Docker Security - Step-by-Step Hardening (Docker Hardening) - ReynardSec
This article provides practical recommendations for configuring Docker platform aimed at increasing its security. It also suggests tools helpful in automation of some tasks related to securing Docker.
Type Libraries Unleashed: Powering Macros with DLL Insights https://posts.redteamtacticsacademy.com/type-libraries-unleashed-powering-macros-with-dll-insights-9bcff8404017
Medium
Recently, I was revisiting Outflank’s treasure trove of insights when an article from March 2023 caught my eye — specifically, “Attacking…
Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8 https://github.com/bjrjk/CVE-2022-4262/
GitHub
GitHub - bjrjk/CVE-2022-4262: Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.
Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8. - bjrjk/CVE-2022-4262
C101011: D-Link DIR-865L, Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101011.html
Coiffeur’s blog
Vulnerability research blog
Mirai Variant CVE-2023-1389 https://blog.permafrostsec.com/posts/mirai-variant-cve-2023-1389/
A technical analysis of the BackMyData ransomware used to attack hospitals in Romania https://cybergeeks.tech/a-technical-analysis-of-the-backmydata-ransomware-used-to-attack-hospitals-in-romania/
C101100: D-Link DIR-865L, Unsigned firmware upload lead to persistent backdoor (pre-auth) https://therealcoiffeur.com/c101100.html
Coiffeur’s blog
Vulnerability research blog
Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign https://www.recordedfuture.com/russia-aligned-tag-70-targets-european-government-and-military-mail
Recordedfuture
Insikt Group has observed TAG-70 leveraging cross-site scripting (XSS) vulnerabilities against Roundcube webmail servers in Europe, targeting government, military, and national infrastructure.
Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 1: functional analysis) https://alephsecurity.com/2024/02/20/kontrol-lux-lock-1/
Alephsecurity
C101101: D-Link DIR-865L, Memory corruptions lead to Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101101.html
Coiffeur’s blog
Vulnerability research blog
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a
Medium
Pwning the Dutch Government with RCE
NFC RELAY ATTACK ON TESLA MODEL Y https://act-on.ioactive.com/acton/attachment/34793/f-6460b49e-1afe-41c3-8f73-17dc14916847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf
CVE-2023-5480: Chrome new XSS Vector https://blog.slonser.info/posts/cve-2023-5480/
blog.slonser.info
Chrome XSS The article is informative and intended for security specialists conducting testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious…
Flatlined: Analyzing Pulse Secure Firmware and Bypassing Integrity Checking https://eclypsium.com/blog/flatlined-analyzing-pulse-secure-firmware-and-bypassing-integrity-checking
Eclypsium | Supply Chain Security for the Modern Enterprise
Introduction We’ve recently seen a series of sophisticated attacks targeting Ivanti Pulse Secure VPN appliances, underscoring the challenges surrounding the protection of IT infrastructure such as network devices. The nation-state group UNC5221 exploited…