Prompt Engineering https://x.com/bindureddy/status/1814409737557160044?s=61
Exploring GNU extensions in the Linux kernel https://maskray.me/blog/2024-05-12-exploring-gnu-extensions-in-linux-kernel
MaskRay
Exploring GNU extensions in the Linux kernel
The Linux kernel is written in C, but it also leverages extensions provided by GCC. In 2022, it moved from GCC/Clang -std=gnu89 to -std=gnu11. This article explores my notes on how these GNU extension
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android #EvilVideoVulnerability #TelegramAndroidExploit #ZeroDayDiscovery #CyberSecurity #MaliciousPayloads https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
Welivesecurity
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos.
WebAssembly and Security: a review #WebAssembly #SecurityReview #CryptoAndSecurity #Research #AccessibilityForum https://arxiv.org/abs/2407.12297
arXiv.org
WebAssembly and Security: a review
WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its...
Bus Pirate 5: The Swiss ARRRmy Knife of Hardware Hacking #BusPirate5 #HardwareHacking #SwissArmyKnife #SupplyChainSecurity #ModernEnterprise https://eclypsium.com/blog/bus-pirate-5-the-swiss-arrrmy-knife-of-hardware-hacking/
Eclypsium | Supply Chain Security for the Modern Enterprise
Bus Pirate 5: The Swiss ARRRmy Knife of Hardware Hacking - Eclypsium | Supply Chain Security for the Modern Enterprise
The Bus Pirate 5 is the latest version of the popular hardware hacking and debugging tool. The LCD screen, programmable LEDs, and several connector options make it a formidable platform worthy of inclusion in your toolbox.
Inside Doppelganger – How Russia uses EU companies for its propaganda #Doppelganger #RussiaPropaganda #EUCompanies #Disinformation #Investigation https://correctiv.org/en/fact-checking-en/2024/07/22/inside-doppelganger-how-russia-uses-eu-companies-for-its-propaganda/
CORRECTIV
Inside Doppelganger – How Russia uses EU companies for its propaganda
How Doppelganger, one of the biggest Russian disinformation campaigns, is using EU companies to keep spreading its propaganda – despite sanctions.
edr_blocker: Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. #GitHub #TierZeroSecurity #EDR #Telemetry #iptables https://github.com/TierZeroSecurity/edr_blocker
GitHub
GitHub - TierZeroSecurity/edr_blocker: Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is…
Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Cli...
CVE-2019-8805: Apple EndpointSecurity framework Privilege Escalation #AppleCVE #EndpointSecurityPrivilegeEscalation #PenetrationTesting #CyberSecuritySolution #SecureLayer7 https://blog.securelayer7.net/applied-endpointsecurity-framework-previlege-escalation/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE-2019-8805: Apple EndpointSecurity framework Privilege Escalation
CVE-2019-8805 is a privilege escalation vulnerability found in macOS Catalina 10.15 by Scott Knight. This vulnerability occurs through the Endpoint Security framework introduced in Catalina 10.15....
NO_WILDCARD: How I discovered the Organization ID of any AWS Account #AWSAccountID #VPC #VpcEndpoint #OrganizationID #SecurityResearch https://tracebit.com/blog/no-wildcard-how-i-discovered-the-organization-id-of-any-aws-account
Tracebit
NO_WILDCARD: How I discovered the Organization ID of any AWS Account | Tracebit
Our latest research into VPC Endpoint Policy causes AWS to introduce significant changes!
Abusing RCU callbacks with a Use-After-Free read to defeat KASLR #UseAfterFree #AbusingRCUcallbacks #DefeatingKASLR #AnatomicalPrecision #LeakingAddresses https://anatomic.rip/abusing_rcu_callbacks_to_defeat_kaslr/
a place of anatomical precision
Abusing RCU callbacks with a Use-After-Free read to defeat KASLR
Introduction In this article, I will be walking you through a clever technique that can be used to leak addresses and defeat KASLR in the Linux Kernel when you have a certain type of Use-After-Free by abusing RCU callbacks. It is by no means a novel technique…
Double Dipping Cheat Developer Gets Caught Red-Handed #Developer #Cheating #InformationSecurity #CyberArk #DoubleDipping https://www.cyberark.com/resources/threat-research-blog/double-dipping-cheat-developer-gets-caught-red-handed
Cyberark
Double Dipping Cheat Developer Gets Caught Red-Handed
Following our post “A Brief History of Game Cheating,” it’s safe to say that cheats, no matter how lucrative or premium they might look, always carry a degree of danger. Today’s story revolves...
An Introduction to Chrome Exploitation - Maglev Edition #ChromeExploitation #V8Pipeline #ChromiumSecurity #JITCompiler #AbstractSyntaxTree https://www.matteomalvica.com/blog/2024/06/05/intro-v8-exploitation-maglev/
Matteomalvica
An Introduction to Chrome Exploitation - Maglev Edition
Thread Name-Calling – using Thread Name for offense #ThreadNameCalling #ProcessInjection #AVevasion #ThreadNameOffense #NextGenMalware https://research.checkpoint.com/2024/thread-name-calling-using-thread-name-for-offense/
Check Point Research
Thread Name-Calling - using Thread Name for offense - Check Point Research
Research by: hasherezade Highlights: Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: Due to the fact that interference in the memory…
From Windows drivers to a almost fully working EDR #LearningThroughExperimentations #WindowsKernelDriver #EDRCallbacks #SSDT https://blog.whiteflag.io/blog/from-windows-drivers-to-a-almost-fully-working-edr/
blog.whiteflag.io
From Windows drivers to a almost fully working EDR
In this article we will see how Windows drivers work, how to create one and, in the end, we will develop a custom EDR that will rely on kernel callback functions, static analysis and API hooking.
Issue 2547: Telegram for Android: Use-after-free in Connection::onReceivedData https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
There is no fix for Intel’s crashing 13th and 14th Gen CPUs — any damage is permanent #IntelCPUcrash #PermanentDamage #NoRecall #BiosUpdate #InvisibleDegradation https://www.theverge.com/2024/7/26/24206529/intel-13th-14th-gen-crashing-instability-cpu-voltage-q-a
The Verge
There is no fix for Intel’s crashing 13th and 14th Gen CPUs — any damage is permanent
We got some answers from Intel, and more are on the way.
CVE-2021-4440: A Linux CNA Case Study #LinuxCNA #CVE2021-4440 #LinuxKernel #VulnerabilityManagement https://grsecurity.net/cve-2021-4440_linux_cna_case_study
grsecurity.net
grsecurity - CVE-2021-4440: A Linux CNA Case Study
This blog serves as a case study into how the newly-formed Linux CNA (CVE Numbering Authority) has affected Linux kernel vulnerability management, through the mishandling of a vulnerability we reported this year in the upstream 5.10 LTS kernel.
Onyx Sleet uses array of malware to gather intelligence for North Korea #RiskIQ #CommunityEdition #Cybersecurity #ThreatIntelligence #FreeProtection https://community.riskiq.com/article/31828df1
Engineering Learnings from the CrowdStrike Falcon Outage #EngineeringLearnings #CrowdStrikeOutage #PreventionThroughEngineering #EngineeringCultures #TestingPractices https://mazinahmed.net/blog/crowdstrike-incident-engineering-learnings/
Mazin Ahmed
Engineering Learnings from the CrowdStrike Falcon Outage