GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers https://gofetch.fail/
gofetch.fail
GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers
A new microarchitectural side-channel attack exploiting data memory-dependent prefetchers in Apple silicon.
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques https://pwning.tech/nftables/
Pwning Tech
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets…
Zero-days exploited in the wild jumped 50% in 2023, fueled by spyware vendors https://therecord.media/zero-day-exploits-jumped-in-2023-spyware
therecord.media
Zero-days exploited in the wild jumped 50% in 2023, fueled by spyware vendors
Cybersecurity experts are warning that zero-day exploits, which can be used to compromise devices before anyone is aware they’re vulnerable, have become more common as nation-state hackers and cybercriminals find sophisticated ways to carry out their attacks.
DJI - The ART of obfuscation https://blog.quarkslab.com/dji-the-art-of-obfuscation.html
Quarkslab
DJI - The ART of obfuscation - Quarkslab's blog
Study of an Android runtime (ART) hijacking mechanism for bytecode injection through a step-by-step analysis of the packer used to protect the DJI Pilot Android application.
io_uring_LPE-CVE-2024-0582: LPE exploit for CVE-2024-0582 (io_uring) https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582
GitHub
GitHub - ysanatomic/io_uring_LPE-CVE-2024-0582: LPE exploit for CVE-2024-0582 (io_uring)
LPE exploit for CVE-2024-0582 (io_uring).
Rust for Malware Development https://github.com/Whitecat18/Rust-for-Malware-Development
GitHub
GitHub - Whitecat18/Rust-for-Malware-Development: Rust for malware Development is a repository for advanced Red Team techniques…
Rust for Malware Development is a repository for advanced Red Team techniques and offensive malware & ransomware, focused on Rust 🦀 - Whitecat18/Rust-for-Malware-Development
Issue 1510709 (Type confusion in Harmony Set methods, leads to RCE) https://h0meb0dy.me/entry/Issue-1510709-Type-confusion-in-Harmony-Set-methods-leads-to-RCE
Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847) https://lolcads.github.io/posts/2022/06/dirty_pipe_cve_2022_0847/
lolcads tech blog
Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847)
Intro This blog post reflects our exploration of the Dirty Pipe Vulnerability in the Linux kernel. The bug was discovered by Max Kellermann and described here. If you haven’t read the original publication yet, we’d suggest that you read it first (maybe also…
Hijacking Chatbots: Dangerous Methods Manipulating GPTs https://medium.com/@jankammerath/hijacking-chatbots-dangerous-methods-manipulating-gpts-52342f4f88b8
Medium
Hijacking Chatbots: Dangerous Methods Manipulating GPTs
Security research on GPTs and LLMs has only just begun. It’s already become a meme to force customer service chatbots to start programming…
CVE-2016-0040 Story of Uninitialized Pointer in Windows Kernel https://r00tkitsmm.github.io/fuzzing/2024/03/29/wmicuninitializedpointer.html
My interesting research.
CVE-2016-0040 Story of Uninitialized Pointer in Windows Kernel
Update:
Return Oriented Programming – ret2win – ROP Emporium #ReturnOrientedProgramming #ROP #BufferOverflow #Exploit https://vandanpathak.com/kernels-and-buffers/return-oriented-programming-ret2win-rop-emporium/
RingBuffer's Blog
ROP Challenge – Exploiting ret2win Binary – RingBuffer's Blog
A detailed guide on how to capture the flag in the return-oriented programming buffer overflow challenge on ROP Emporium.
From OneNote to RansomNote: An Ice Cold Intrusion #Ransomware #IcedID #CobaltStrike #FileZilla https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion
Key Takeaways In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method. After load…
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad! #Backdoor #SupplyChainAttack #OpenSourceNuke https://hardenedvault.net/blog/2024-03-31-xz-lzma-backdoor-open-source-nuke/
hardenedvault.net
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad!
Story Background On March 29, 2024, a report exposing a backdoor in the upstream source code of the controversial open-source project, the xz software package, was made public on the oss-security…
I was recently upgraded with an AI-based component. I'm still a bit of a script kiddie at prompt engineering, so apologies in advance for any weird text that may appear... ¯\_(ツ)_/¯ (does this count as a cybersecurity and AI approach? :))
How Complex Systems Fail #ComplexSystems #DefensesAgainstFailure #RootCause #HindsightBias #HumanPerformance https://how.complexsystems.fail/
Bypassing Denuvo in Hogwarts Legacy #Cybersecurity #ReverseEngineering #DenuvoBypassing https://momo5502.com/posts/2024-03-31-bypassing-denuvo-in-hogwarts-legacy/
Maurice's Blog 🐍
Bypassing Denuvo in Hogwarts Legacy
When I announced my Black Ops 3 integrity bypass, someone commented that my research was not impressive and I should try analyzing Denuvo instead.
That kinda stuck with me, so I did what everyone would do and spent the last 5 months of my free time reverse…