Flatlined: Analyzing Pulse Secure Firmware and Bypassing Integrity Checking https://eclypsium.com/blog/flatlined-analyzing-pulse-secure-firmware-and-bypassing-integrity-checking
Eclypsium | Supply Chain Security for the Modern Enterprise
Introduction: We’ve recently seen a series of sophisticated attacks targeting Ivanti Pulse Secure VPN appliances, underscoring the challenges surrounding the protection of IT infrastructure such as network devices. The nation-state group UNC5221 exploited…
Breakdown of Tycoon Phishing-as-a-Service System https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/breakdown-of-tycoon-phishing-as-a-service-system/
Trustwave
Weeks after Trustwave SpiderLabs reported on the Greatness phishing-as-a-service (PaaS) framework, the team uncovered another PaaS dubbed Tycoon Group.
CVE-2021-30551 (Type confusion in V8 in Google Chrome) https://cwresearchlab.co.kr/entry/CVE-2021-30551-Type-confusion-in-V8-in-Google-Chrome
Experimenting with Object Initializers in Windows – See PG-compliance Disclaimer* https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method/
Reverse Engineering
Experimenting with Object Initializers in Windows - See PG-compliance Disclaimer* - Reverse Engineering
Overview: In this article, I wanted to introduce a fun approach to performing functions similar to those enabled by Windows Object Callbacks but through an alternative means (experimentally). It’s well known that anti-malware, anti-cheat, and generic monitoring…
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
snicco
Unauthenticated Remote Code Execution – Bricks <= 1.9.6 – snicco
Affected plugin: Bricks Builder; Active installs: Commercial ~ 25000; Vulnerable version: <= 1.9.6; Audited version: 1.9.6; Fully patched version: 1.9.6.1; Recommended
An Introduction into Stack Spoofing https://dtsec.us/2023-09-15-StackSpoofin/
Nigerald's blog
And losing my sanity against Elastic
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples https://www.embeeresearch.io/advanced-cyberchef-operations-netsupport/
Embee Research
Advanced CyberChef Techniques For Malware Analysis - Detailed Walkthrough and Examples
Advanced CyberChef techniques using Registers, Regex and Flow Control
How I Escalated a Time-Based SQL Injection to RCE https://infosecwriteups.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398
Medium
Good day everyone! I hope all of you are doing well.
New WiFi Authentication Vulnerabilities Discovered https://www.top10vpn.com/research/wifi-vulnerabilities/
Top10Vpn
Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.
Hacking Terraform State for Privilege Escalation https://blog.plerion.com/hacking-terraform-state-privilege-escalation/
Plerion
What can an attacker do if they can edit Terraform state? The answer should be 'nothing' but is actually 'take over your CI/CD pipeline'.
Keylogging in the Windows Kernel with undocumented data structures https://eversinc33.com/posts/kernel-mode-keylogging.html
Hidden GitHub Commits and How to Reveal Them https://neodyme.io/en/blog/github_secrets/
neodyme.io
We have created a tool for GitHub that can reveal commits that potentially contain sensitive information and are not accessible via the public Git history, but that may be of interest or were intentionally deleted.
Threat Brief: WordPress Plugin Exploit Leads to Godzilla Web Shell, Discovery & New CVE https://thedfirreport.com/2024/03/04/threat-brief-wordpress-exploit-leads-to-godzilla-web-shell-discovery-new-cve/
The DFIR Report
Below is a recent Threat Brief that we shared with our customers. Each year, we produce over 20 detailed Threat Briefs, which follow a format similar to the below. Typically, these reports include …
On Loaded vs. Executed Libraries During Runtime – What This Means for Reachability https://www.oligo.security/blog/loaded-vs-executed-libraries
www.oligo.security
On Loaded vs. Executed Libraries During Runtime | Oligo Security
The Application Security domain has evolved significantly over the last decade. It’s no surprise then, that with this evolution, comes a jungle of tools that not only causes a lot of confusion, but also a lot of noise, and overlapping messages.
Code injection on Android without ptrace https://erfur.github.io/blog/dev/code-injection-without-ptrace
erfur's bits and pieces
Evasive Panda leverages Monlam Festival to target Tibetans https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/
Welivesecurity
ESET research uncovers a cyberespionage campaign that has been victimizing Tibetans through targeted watering hole (also known as a strategic web compromise) and supply-chain compromise attacks
Lord Nemesis Strikes: Supply Chain Attack on the Israeli Academic Sector https://op-c.net/blog/lord-nemesis-strikes-supply-chain-attack-on-the-israeli-academic-sector/
OP Innovate - Premium Application Penetration testing and Incident Response
Lord Nemesis Strikes: Supply Chain Attack on the Israeli Academic Sector - OP INNOVATE
Lord Nemesis, an Iranian hacktivist group, breaches Rashim Software and its Israeli academic clients in a supply chain attack. Learn about the attack, the risks posed by third-party vendors, and how organizations can strengthen their defenses against politically…
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout https://research.aurainfosec.io/pentest/git-rotate/
Aura Research Division
Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-Based blocking such as Entra Smart lockout.