Analysis of CVE-2023-39143 – PaperCut RCE #PaperCutRCE #PenetrationTesting #WebDav #PathTraversal #SecurityVulnerabilities https://blog.securelayer7.net/analysis-of-papercut-rce/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Analysis of CVE-2023-39143 – PaperCut RCE
Overview: CVE-2023-39143 is a path traversal vulnerability found in PaperCut MF/NG, a print management solution. This particular CVE only affects Windows installations prior to version 22.1.3. With...
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations #ElasticSecurityLabs #GHOSTENGINE #cryptoMining #Malware #MITREATTACK https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine
www.elastic.co
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations — Elastic Security Labs
Elastic Security Labs has identified REF4578, an intrusion set incorporating several malicious modules and leveraging vulnerable drivers to disable known security solutions (EDRs) for crypto mining.
Tracking APT SideWinder Domains By Combining Regex Patterns, Whois Records and Domain Registrars #ThreatIntelligence #APTTracking #MalwareAnalysis #CyberSecurity #DomainDetection https://www.embeeresearch.io/advanced-guide-to-infrastructure-analysis-tracking-apt-sidewinder-domains/
Embee Research
Tracking APT SideWinder Domains By Combining Regex Patterns, Whois Records and Domain Registrars
Tracking APT SideWinder Domains With Regular Expressions, Whois Records and Domain Registrars
Nexus Repository Manager 3 Unauthenticated Path Traversal (CVE-2024-4956) #NexusRepositoryManager #CVE20244956 #Vulnerability #GitHub #Security https://github.com/vulhub/vulhub/tree/master/nexus/CVE-2024-4956
GitHub
vulhub/nexus/CVE-2024-4956 at master · vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose - vulhub/vulhub
hardentools: Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features. #Hardentools #GitHub #WindowsSecurity #RiskReduction #LowHangingFruit https://github.com/hardentools/hardentools
GitHub
GitHub - hardentools/hardentools: Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low…
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features. - hardentools/hardentools
Authentication Bypass due to Sensitive Data Exposure in Local Storage #AuthenticationBypass #SensitiveDataExposure #BugBounty #WebApplicationSecurity #HappyHacking https://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800
Medium
Authentication Bypass due to Sensitive Data Exposure in Local Storage
Hey Infosec buddies!
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia #ChineseCyberespionage #OperationDiplomaticSpecter #GovernmentalEntities #AsiaAfricaMiddleEast #RareToolSet https://unit42.paloaltonetworks.com/operation-diplomatic-specter/
Unit 42
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities…
A Chinese APT group is targeting political entities across multiple continents. Named Operation Diplomatic Specter, this campaign uses rare techniques and a unique toolset.
Inside the iOS bug that made deleted photos reappear #iOSbug #bugfixed #binaryanalysis https://www.synacktiv.com/publications/inside-the-ios-bug-that-made-deleted-photos-reappear
Synacktiv
Inside the iOS bug that made deleted photos reappear
LangChain JS Arbitrary File Read Vulnerability #LangChain #Vulnerability #ArbitraryFileRead #SSRF #CyberSecurity https://evren.ninja/langchain-afr-vulnerability.html
Old new email attacks #emailattacks #securityresearch #emailspoofing #SMTPvulnerabilities #RFCstandards https://blog.slonser.info/posts/email-attacks/
blog.slonser.info
Old new email attacks
The article is informative and intended for security specialists conducting testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious programs…
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1) #PHPexploit #glibcbug #RCEvulnerability #PHPfilters https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
Ambionics
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)
A few months ago, I stumbled upon a 24-year-old buffer overflow in the glibc, the base library for Linux programs. Despite being reachable in multiple well-known libraries or executables, it proved rarely exploitable — while it didn't provide much leeway…
Everyday Ghidra: Symbols — Automatic Symbol Acquisition with Ghidra — Part 2 #EverydayGhidra #SymbolAcquisition #ConfiguringGhidra #RemoteSymbolServers #ReverseEngineering https://medium.com/@clearbluejar/everyday-ghidra-symbols-automatic-symbol-acquisition-with-ghidra-part-2-bf9033a35b39
Medium
Everyday Ghidra: Symbols — Automatic Symbol Acquisition with Ghidra — Part 2
This post, another lesson from the “Everyday Ghidra” series, walks through the process of configuring Ghidra to automatically download…
Check Point - Wrong Check Point (CVE-2024-24919) #CheckPoint #CVE-2024-24919 #SSLVPN #PathTraversal #ArbitraryFileRead https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/
watchTowr Labs
Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze.
Check Point, for those unaware, is the…
Hunting bugs in Nginx JavaScript engine (njs) #bughunting #Nginx #JavaScript #vulnresearch #CTF https://0xbigshaq.github.io/2024/05/24/njs-vr-bugs/
( ͡◕ _ ͡◕)👌
Hunting bugs in Nginx JavaScript engine (njs)
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 #AndroidBinder #VulnerabilityAnalysis #Exploitation #AndroidSecurity #RootPrivilege https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/
Withgoogle
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 - Android Offensive Security Blog
At OffensiveCon 2024, the Android Red Team gave a presentation (slides) on finding and exploiting CVE-2023-20938, a use-after-free vulnerability in the Android Binder device driver. This post will provide technical details about this vulnerability and how…
CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X #Fortinet #FortiClient #Exploit #CVE-2023-48788 #Horizon3.ai https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-revisiting-fortinet-forticlient-ems-to-exploit-7-2-x/
Horizon3.ai
CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X
Revisiting CVE-2023-48788, a SQL injection in Fortinet FortiClient EMS Server. This blog details bypassing several restrictions to achieve arbitrary command execution as SYSTEM.
Securing the Building Blocks: A Deep Dive into Dependency Security #DependencySecurity #VettingDependencies #MaliciousCodeRisk #SecureYourProject #ReduceExposure https://www.devsecurely.com/blog/2023/11/securing-the-building-blocks-a-deep-dive-into-dependency-security
Devsecurely
Securing the Building Blocks: A Deep Dive into Dependency Security | Devsecurely
When the foundations break, the building crumbles. Applications are no different. When building an application, you need to choose the best building blocks. They need to be durable and...
SLE(A)PING Issues: SWAPPALA and Reflective DLL Friends Forever #SleapingIssues #SWAPPALA #ReflectiveDLL #SleepingTechnique #InMemorySleeping https://oldboy21.github.io/posts/2024/06/sleaping-issues-swappala-and-reflective-dll-friends-forever/
oldboy21.github.io
SLE(A)PING Issues: SWAPPALA and Reflective DLL Friends Forever
Here we go again, hello everyone! Sorry I am on a roll this period, can’t really sle(a)p well when I have something still to solve and I had some leftovers from the previous SWAPPALA adventure.
What are we going to talk about today?
Well, lots of failures but…
Malware Development, Analysis and DFIR Series #MalwareDevelopment #MalwareAnalysis #DFIR #MemoryModels #AddressTranslation https://azr43lkn1ght.github.io/Malware%20Development,%20Analysis%20and%20DFIR%20Series%20-%20Part%20III/
azr43lkn1ght.github.io
Malware Development, Analysis and DFIR Series - Part III
Delve into Windows memory internals! Here is the 3rd post of the Malware Development, Analysis and DFIR Series.
Analysis of CVE-2024-27348 Apache HugeGraph #CVE202427348 #ApacheHugeGraph #PenetrationTesting #SecurityAudit #GremlinExploitation https://blog.securelayer7.net/remote-code-execution-in-apache-hugegraph/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Analysis of CVE-2024-27348 Apache HugeGraph
Introduction: CVE-2024-27348 is a Remote Code Execution (RCE) vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and...