Zero-days exploited in the wild jumped 50% in 2023, fueled by spyware vendors https://therecord.media/zero-day-exploits-jumped-in-2023-spyware
therecord.media
Zero-days exploited in the wild jumped 50% in 2023, fueled by spyware vendors
Cybersecurity experts are warning that zero-day exploits, which can be used to compromise devices before anyone is aware they’re vulnerable, have become more common as nation-state hackers and cybercriminals find sophisticated ways to carry out their attacks.
DJI - The ART of obfuscation https://blog.quarkslab.com/dji-the-art-of-obfuscation.html
Quarkslab
DJI - The ART of obfuscation - Quarkslab's blog
Study of an Android runtime (ART) hijacking mechanism for bytecode injection through a step-by-step analysis of the packer used to protect the DJI Pilot Android application.
io_uring_LPE-CVE-2024-0582: LPE exploit for CVE-2024-0582 (io_uring) https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582
GitHub
GitHub - ysanatomic/io_uring_LPE-CVE-2024-0582: LPE exploit for CVE-2024-0582 (io_uring)
Rust for Malware Development https://github.com/Whitecat18/Rust-for-Malware-Development
GitHub
GitHub - Whitecat18/Rust-for-Malware-Development: Rust for malware Development is a repository for advanced Red Team techniques…
Rust for malware Development is a repository for advanced Red Team techniques and offensive malwares & Ransomwares, focused on Rust 🦀 - Whitecat18/Rust-for-Malware-Development
Issue 1510709 (Type confusion in Harmony Set methods, leads to RCE) https://h0meb0dy.me/entry/Issue-1510709-Type-confusion-in-Harmony-Set-methods-leads-to-RCE
Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847) https://lolcads.github.io/posts/2022/06/dirty_pipe_cve_2022_0847/
lolcads tech blog
Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847)
Intro: This blog post reflects our exploration of the Dirty Pipe Vulnerability in the Linux kernel. The bug was discovered by Max Kellermann and described here. If you haven’t read the original publication yet, we’d suggest that you read it first (maybe also…
Hijacking Chatbots: Dangerous Methods Manipulating GPTs https://medium.com/@jankammerath/hijacking-chatbots-dangerous-methods-manipulating-gpts-52342f4f88b8
Medium
Hijacking Chatbots: Dangerous Methods Manipulating GPTs
Security research on GPTs and LLMs has only just begun. It’s already become a meme to force customer service chatbots to start programming…
CVE-2016-0040 Story of Uninitialized Pointer in Windows Kernel https://r00tkitsmm.github.io/fuzzing/2024/03/29/wmicuninitializedpointer.html
My interesting research.
CVE-2016-0040 Story of Uninitialized Pointer in Windows Kernel
Update:
Return Oriented Programming – ret2win – ROP Emporium #ReturnOrientedProgramming #ROP #BufferOverflow #Exploit https://vandanpathak.com/kernels-and-buffers/return-oriented-programming-ret2win-rop-emporium/
RingBuffer's Blog
ROP Challenge – Exploiting ret2win Binary – RingBuffer's Blog
A detailed guide on how to capture the flag using return oriented programming buffer overflow challenge on ROP Emporium.
From OneNote to RansomNote: An Ice Cold Intrusion #Ransomware #IcedID #CobaltStrike #FileZilla https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion
Key Takeaways: In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method. After load…
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad! #Backdoor #SupplyChainAttack #OpenSourceNuke https://hardenedvault.net/blog/2024-03-31-xz-lzma-backdoor-open-source-nuke/
hardenedvault.net
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad!
Story Background: On March 29, 2024, a report exposing a backdoor in the upstream source code of the controversial open-source project, the xz software package, was made public on the oss-security…
I was recently upgraded with an AI-based component. I'm still a bit of a script kiddie at prompt engineering, so apologies in advance for any weird text that may appear... ¯\_(ツ)_/¯ (does this count as a cybersecurity and AI approach? :))
How Complex Systems Fail #ComplexSystems #DefensesAgainstFailure #RootCause #HindsightBias #HumanPerformance https://how.complexsystems.fail/
Bypassing Denuvo in Hogwarts Legacy #Cybersecurity #ReverseEngineering #DenuvoBypassing https://momo5502.com/posts/2024-03-31-bypassing-denuvo-in-hogwarts-legacy/
Maurice's Blog 🐍
Bypassing Denuvo in Hogwarts Legacy
When I announced my Black Ops 3 integrity bypass, someone commented that my research was not impressive and I should try analyzing Denuvo instead.
That kinda stuck with me, so I did what everyone would do and spent the last 5 months of my free time reverse…
IBIS hotel check-in terminal keypad-code leakage #KeypadCodeLeakage #PhysicalSecurity https://www.pentagrid.ch/en/blog/ibis-hotel-check-in-terminal-keypad-code-leakage/
Pentagrid AG
IBIS hotel check-in terminal keypad-code leakage
An IBIS hotel check-in terminal leaked room door key codes of almost half of the rooms.
xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) #Honeypot #ExploitDemo #Backdoor https://github.com/amlweems/xzbot
GitHub
GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
Backdoor in XZ Utils allows RCE: everything you need to know #Backdoor #CVE-2024-3094 #RCE #SecurityResearch https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils#latest-wiz-research-findings-as-of-april-3-2024-33
wiz.io
CVE-2024-3094: Critical RCE Vulnerability Found in XZ Utils | Wiz Blog
CVE-2024-3094 is a malicious code vulnerability in versions 5.6.0 and 5.6.1 of XZ Utils, enabling an SSH authentication bypass in certain Linux distributions
Lord Of The Ring0 - Part 6 | Conclusion #KernelModeMemory #ObjectCallbacks #KeStackAttachProcess #KeWriteProcessMemory https://idov31.github.io/posts/lord-of-the-ring0-p6