C101011: D-Link DIR-865L, Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101011.html
Coiffeur’s blog
Vulnerability research blog
Mirai Variant CVE-2023-1389 https://blog.permafrostsec.com/posts/mirai-variant-cve-2023-1389/
A technical analysis of the BackMyData ransomware used to attack hospitals in Romania https://cybergeeks.tech/a-technical-analysis-of-the-backmydata-ransomware-used-to-attack-hospitals-in-romania/
C101100: D-Link DIR-865L, Unsigned firmware upload lead to persistent backdoor (pre-auth) https://therealcoiffeur.com/c101100.html
Coiffeur’s blog
Vulnerability research blog
Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign https://www.recordedfuture.com/russia-aligned-tag-70-targets-european-government-and-military-mail
Recordedfuture
Insikt Group has observed TAG-70 leveraging cross-site scripting (XSS) vulnerabilities against Roundcube webmail servers in Europe, targeting government, military, and national infrastructure.
Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 1: functional analysis) https://alephsecurity.com/2024/02/20/kontrol-lux-lock-1/
Alephsecurity
C101101: D-Link DIR-865L, Memory corruptions lead to Remote Code Execution (pre-auth) https://therealcoiffeur.com/c101101.html
Coiffeur’s blog
Vulnerability research blog
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a
Medium
Pwning the Dutch Government with RCE
NFC RELAY ATTACK ON TESLA MODEL Y https://act-on.ioactive.com/acton/attachment/34793/f-6460b49e-1afe-41c3-8f73-17dc14916847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf
CVE-2023-5480: Chrome new XSS Vector https://blog.slonser.info/posts/cve-2023-5480/
blog.slonser.info
Chrome XSS. The article is informative and intended for security specialists conducting testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious…
Flatlined: Analyzing Pulse Secure Firmware and Bypassing Integrity Checking https://eclypsium.com/blog/flatlined-analyzing-pulse-secure-firmware-and-bypassing-integrity-checking
Eclypsium | Supply Chain Security for the Modern Enterprise
Introduction: We’ve recently seen a series of sophisticated attacks targeting Ivanti Pulse Secure VPN appliances, underscoring the challenges surrounding the protection of IT infrastructure such as network devices. The nation-state group UNC5221 exploited…
Breakdown of Tycoon Phishing-as-a-Service System https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/breakdown-of-tycoon-phishing-as-a-service-system/
Trustwave
Weeks after Trustwave SpiderLabs reported on the Greatness phishing-as-a-service (PaaS) framework, the team uncovered another PaaS dubbed Tycoon Group.
CVE-2021-30551 (Type confusion in V8 in Google Chrome) https://cwresearchlab.co.kr/entry/CVE-2021-30551-Type-confusion-in-V8-in-Google-Chrome
Experimenting with Object Initializers in Windows – See PG-compliance Disclaimer* https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method/
Reverse Engineering
Overview: In this article, I wanted to introduce a fun approach to performing functions similar to those enabled by Windows Object Callbacks but through an alternative means (experimentally). It’s well known that anti-malware, anti-cheat, and generic monitoring…
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
snicco
Affected plugin: Bricks Builder. Active installs: Commercial ~ 25000. Vulnerable version: <= 1.9.6. Audited version: 1.9.6. Fully patched version: 1.9.6.1. Recommended
An Introduction into Stack Spoofing https://dtsec.us/2023-09-15-StackSpoofin/
Nigerald's blog
And losing my sanity against Elastic
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples https://www.embeeresearch.io/advanced-cyberchef-operations-netsupport/
Embee Research
Advanced CyberChef Techniques For Malware Analysis - Detailed Walkthrough and Examples
Advanced CyberChef techniques using Registers, Regex and Flow Control
How I Escalated a Time-Based SQL Injection to RCE https://infosecwriteups.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398
Medium
Good day everyone! I hope all of you are doing well.
New WiFi Authentication Vulnerabilities Discovered https://www.top10vpn.com/research/wifi-vulnerabilities/
Top10Vpn
Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.