Docker Security – Step-by-Step Hardening (Docker Hardening) https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/
ReynardSec
Docker Security - Step-by-Step Hardening (Docker Hardening) - ReynardSec
This article provides practical recommendations for configuring the Docker platform, aimed at increasing its security. It also suggests tools helpful in automating some tasks related to securing Docker.
Type Libraries Unleashed: Powering Macros with DLL Insights https://posts.redteamtacticsacademy.com/type-libraries-unleashed-powering-macros-with-dll-insights-9bcff8404017
Medium
Recently, I was revisiting Outflank’s treasure trove of insights when an article from March 2023 caught my eye — specifically, “Attacking…
Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8 https://github.com/bjrjk/CVE-2022-4262/
GitHub
GitHub - bjrjk/CVE-2022-4262: Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.
Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8. - bjrjk/CVE-2022-4262
C101011: D-Link DIR-865L, Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101011.html
Coiffeur’s blog
Vulnerability research blog
Mirai Variant CVE-2023-1389 https://blog.permafrostsec.com/posts/mirai-variant-cve-2023-1389/
A technical analysis of the BackMyData ransomware used to attack hospitals in Romania https://cybergeeks.tech/a-technical-analysis-of-the-backmydata-ransomware-used-to-attack-hospitals-in-romania/
C101100: D-Link DIR-865L, Unsigned firmware upload lead to persistent backdoor (pre-auth) https://therealcoiffeur.com/c101100.html
Coiffeur’s blog
Vulnerability research blog
Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign https://www.recordedfuture.com/russia-aligned-tag-70-targets-european-government-and-military-mail
Recordedfuture
Insikt Group has observed TAG-70 leveraging cross-site scripting (XSS) vulnerabilities against Roundcube webmail servers in Europe, targeting government, military, and national infrastructure.
Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 1: functional analysis) https://alephsecurity.com/2024/02/20/kontrol-lux-lock-1/
Alephsecurity
C101101: D-Link DIR-865L, Memory corruptions lead to Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101101.html
Coiffeur’s blog
Vulnerability research blog
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a
Medium
Pwning the Dutch Government with RCE
NFC RELAY ATTACK ON TESLA MODEL Y https://act-on.ioactive.com/acton/attachment/34793/f-6460b49e-1afe-41c3-8f73-17dc14916847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf
CVE-2023-5480: Chrome new XSS Vector https://blog.slonser.info/posts/cve-2023-5480/
blog.slonser.info
Chrome XSS The article is informative and intended for security specialists conducting testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious…
Flatlined: Analyzing Pulse Secure Firmware and Bypassing Integrity Checking https://eclypsium.com/blog/flatlined-analyzing-pulse-secure-firmware-and-bypassing-integrity-checking
Eclypsium | Supply Chain Security for the Modern Enterprise
Introduction We’ve recently seen a series of sophisticated attacks targeting Ivanti Pulse Secure VPN appliances, underscoring the challenges surrounding the protection of IT infrastructure such as network devices. The nation-state group UNC5221 exploited…
Breakdown of Tycoon Phishing-as-a-Service System https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/breakdown-of-tycoon-phishing-as-a-service-system/
Trustwave
Weeks after Trustwave SpiderLabs reported on the Greatness phishing-as-a-service (PaaS) framework, the team uncovered another PaaS dubbed Tycoon Group.
CVE-2021-30551 (Type confusion in V8 in Google Chrome) https://cwresearchlab.co.kr/entry/CVE-2021-30551-Type-confusion-in-V8-in-Google-Chrome
Experimenting with Object Initializers in Windows – See PG-compliance Disclaimer* https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method/
Reverse Engineering
Experimenting with Object Initializers in Windows - See PG-compliance Disclaimer* - Reverse Engineering
Overview In this article, I wanted to introduce a fun approach to performing functions similar to those enabled by Windows Object Callbacks but through an alternative means (experimentally). It’s well known that anti-malware, anti-cheat, and generic monitoring…
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
snicco
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 – snicco
Affected plugin: Bricks Builder. Active installs: Commercial ~ 25000. Vulnerable version: <= 1.9.6. Audited version: 1.9.6. Fully patched version: 1.9.6.1. Recommended
An Introduction into Stack Spoofing https://dtsec.us/2023-09-15-StackSpoofin/
Nigerald's blog
And losing my sanity against Elastic