master: Half-Life 1 engine based games #GitHub #ValveSoftware #halflife #HalfLifeEngine #games https://github.com/ValveSoftware/halflife/tree/master
GitHub
GitHub - ValveSoftware/halflife: Half-Life 1 engine based games
Half-Life 1 engine based games. Contribute to ValveSoftware/halflife development by creating an account on GitHub.
HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246) #GLIBC #heapoverflow #FengShui #CVE-2023-6246 #exploitation https://medium.com/@elpepinillo/heap-heap-hooray-unveiling-glibc-heap-overflow-vulnerability-cve-2023-6246-0c6412423269
Medium
HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246)
HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246) INTRODUCTION In January 30th, Qualys team found a heap overflow in the __vsyslog_internal function of the Glibc …
XZ Utils Made Me Paranoid #TrustedSec #XZUtils #Paranoid #Backdoor #SecurityScanner https://trustedsec.com/blog/xz-utils-made-me-paranoid
TrustedSec
XZ Utils Made Me Paranoid
Identify XZ Utils backdoors by parsing ELF binaries, identifying function hooks, and comparing memory sections in real-time, using tools like ptrace and…
pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard #GitHub #pcapAnalysis #Zeek #Grafana #NetworkMonitoring https://github.com/hackertarget/pcap-did-what
GitHub
GitHub - hackertarget/pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard
Analyze pcaps with Zeek and a Grafana Dashboard. Contribute to hackertarget/pcap-did-what development by creating an account on GitHub.
Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1 #EverydayGhidra #ReverseEngineeringSymbols #GhidraTips #SymbolInformationSources https://medium.com/@clearbluejar/everyday-ghidra-symbols-prescription-lenses-for-reverse-engineers-part-1-d3efe9279a0b
Medium
Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1
In reverse engineering a closed-source binary using Ghidra or other software reverse engineering frameworks, a key objective is to…
🔥3
16 years of CVE-2008-0166 #16YearsCVE2008 #DebianOpenSSLBug #DKIMBIMI2024 #EmailVulnerability #SecurityIssues https://16years.secvuln.info/
16years.secvuln.info
16 years of CVE-2008-0166 - Debian OpenSSL Bug
Many DKIM setups used cryptographic keys vulnerable to the 2008 Debian OpenSSL Bug (CVE-2008-0166) in 2024.
"Password cracking: past, present, future" OffensiveCon 2024 keynote talk slides (by Solar Designer) #OffensiveCon2024 #PasswordCracking #SecurityTalk #Evolution https://www.openwall.com/lists/announce/2024/05/14/1
🔥1
QakBot attacks with Windows zero-day (CVE-2024-30051) #QakBot #CVE202430051 #WindowsZeroDay #Kaspersky #Cybersecurity https://securelist.com/cve-2024-30051/112618/
Securelist
QakBot attacks with Windows zero-day (CVE-2024-30051)
In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft's patch Tuesday. We have seen it exploited by QakBot…
Executing Cobalt Strike's BOFs on ARM-based Linux devices #CobaltStrike #BOFs #ARM #Linux #Zig https://blog.z-labs.eu/2024/05/10/bofs-on-arm-based-devices.html
To the Moon and back(doors): Lunar landing in diplomatic missions #ESETResearch #LunarToolset #CyberSecurity #TurlaAPT #RussianCyberEspionage https://www.welivesecurity.com/en/eset-research/moon-backdoors-lunar-landing-diplomatic-missions/
Welivesecurity
To the Moon and back(doors): Lunar landing in diplomatic missions
ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs
QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends) #QNAP #QTS #CVE-2024-27130 #bugdiscovery #NASdevices https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/
watchTowr Labs
QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends)
Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with…
Discover Proton Mail registration date with one weird trick… https://iq.thc.org/discover-proton-mail-registration-date-with-one-weird-trick
Knowledge Base
Discover Proton Mail registration date with one weird trick…
TL;DR: Proton Mail generates PGP key and publishes it upon account creation using Web Key Directory (WKD) standard. The key contains account creation timestamp, with second precision, which reflects the account creation date.
Proton, a privacy-orient...
Proton, a privacy-orient...
Microsoft Entra Private Access for on-prem users #Microsoft #PrivateAccess #OnPrem #Security #HybridWork https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-private-access-for-on-prem-users/ba-p/3905450
TECHCOMMUNITY.MICROSOFT.COM
Microsoft Entra Private Access for on-prem users | Microsoft Community Hub
Enable secure access to private apps that use Domain Controller for authentication
Emulating inline decryption for triaging C++ malware #C++ #Malware #ReverseEngineering #InlineDecryption #Emulation https://viuleeenz.github.io/posts/2024/05/emulating-inline-decryption-for-triaging-c-malware/
Security Undisguised
Emulating inline decryption for triaging C++ malware
What we need to know? C and C++ binaries share several commonalities, however, some additional features and complexities introduced by C++ can make reverse engineering C++ binaries more challenging compared to C binaries. Some of the most important features…
“Beeeeeeeeep!”. How Malware Uses the Beep WinAPI Function for Anti-Analysis #Malware #BeepFunction #AntiAnalysis #SecurityLiterate #WinAPI https://securityliterate.com/beeeeeeeeep-how-malware-uses-the-beep-winapi-function-for-anti-analysis/
Kyle Cucci's Cyber Ramblings
“Beeeeeeeeep!”. How Malware Uses the Beep WinAPI Function for Anti-Analysis
I was recently analyzing a malware sample that abuses the Beep function as an interesting evasion tactic. The Beep function basically plays an audible tone notification for the user. The Beep funct…
CVE-2024-4040-SSTI-LFI-PoC: CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support #GitHub #CVE-2024-4040 #SSTI #LFI #PoC https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC
GitHub
GitHub - Stuub/CVE-2024-4040-SSTI-LFI-PoC: CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support - Stuub/CVE-2024-4040-SSTI-LFI-PoC
system32 important files #OffensiveSecurity #SystemIntegrity #MalwareDetection #FileAbuse https://redteamrecipe.com/system32-important-files
ExpiredDomains.com
redteamrecipe.com is for sale! Check it out on ExpiredDomains.com
Buy redteamrecipe.com for 100 on GoDaddy via ExpiredDomains.com. This premium expired .com domain is ideal for establishing a strong online identity.
🥱1
Leveraging DNS Tunneling for Tracking and Scanning #DNSTunneling #Tracking #Scanning #Security #ThreatResearch https://unit42.paloaltonetworks.com/three-dns-tunneling-campaigns/
Unit 42
Leveraging DNS Tunneling for Tracking and Scanning
We provide a walkthrough of how attackers leverage DNS tunneling for tracking and scanning, an expansion of the way this technique is usually exploited.