Interesting bug on Android CVE-2024-36971 leading to possible UAF and RCE https://x.com/xvonfers/status/1820561082726965421
CVE-2024-39877: Apache Airflow Arbitrary Code Execution #SecureLayer7 #CVE202439877 #PenetrationTesting #CyberSecurity #ApacheAirflow https://blog.securelayer7.net/arbitrary-code-execution-in-apache-airflow/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Apache Airflow is an open-source platform for programmatically authoring, scheduling, and monitoring workflows. While it offers robust features for managing complex workflows, it has experienced...
Zola ransomware: The many faces of the Proton family #ZolaRansomware #ProtonFamily #CyberSecurity #RansomwareProtection #AcronisActiveProtection https://www.acronis.com/en-us/cyber-protection-center/posts/zola-ransomware-the-many-faces-of-the-proton-family/
Acronis
While some ransomware will appear as quickly as they fade out of existence, some establish an extended stay, and others simply change their virtual clothes. We recently came across an example of the latter — calling itself Zola.
[Math] Cracking Wi-Fi password using combinatorics #CrackingWiFiPassword #Combinatorics #Aircrack #PythonCode #ShortPasswords https://yurichev.com/n/wifi_comb/
ROPing Routers from scratch: Step-by-step Tenda Ac8v4 Mips 0day Flow-control ROP -> RCE #0day #ROP #Mipsel #BinaryExploitation #RCE https://0reg.dev/blog/tenda-ac8-rop
0reg.dev
Retr0's Register
Retr0's Threat Research
Remediation and Guidance Hub: Channel File 291 Incident #CrowdStrike #RootCauseAnalysis #Remediation #ContentUpdate #ChannelFile291 https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
crowdstrike.com
Falcon Content Update Remediation and Guidance Hub | CrowdStrike
Access consolidated remediation and guidance resources for the CrowdStrike Falcon content update affecting Windows hosts.
Reverse Engineering for Noobs Part 2: Portable Executable Files #PE #Header #DOS #Stub #Executable https://x86re.com/2.html
CVE-2024-43425: Moodle Remote Code Execution Vulnerability, PoC Published #CVE202443425 #MoodleRCE #Vulnerability #PoC #UpgradeNow https://securityonline.info/cve-2024-43425-moodle-remote-code-execution-vulnerability-poc-published/
Daily CyberSecurity
Explore the potential impact of a critical CVE-2024-43425 vulnerability in Moodle, a widely-used Learning Management System.
Master Your Craft - Tavis Ormandy Analysis on The CrowdStrike Incident https://tahadraidia.com/posts/master-your-craft-tavis-ormandy-analysis-on-the-crowdstrike-incident/
Deep diving into F5 Secure Vault #F5SecureVault #CyberSecurity #AlmondBlog #OffensiveSecurity https://offsec.almond.consulting/deep-diving-f5-secure-vault.html
My keyboard was misbehaving so I had to exploit my NAS #NASexploit #AppSec #ZimaOS #CasaOS #keyboardissues https://appsec.space/posts/zimaos-casaos-rce/
appsec & stuff
I recently received my ZimaCube: a NAS from IceWhale, the same company behind the ZimaBlade, ZimaBoard and most notably CasaOS, a UI to manage docker applications.
0.0.0.0 Day: Exploiting Localhost APIs From the Browser #LocalhostAPIExploit #0.0.0.0Day #BrowserSecurity #OligoSecurity #VulnerabilityDiscovery https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser
www.oligo.security
0.0.0.0 Day: Exploiting Localhost APIs From the Browser | Oligo Security
Oligo Security's research team recently disclosed the “0.0.0.0 Day” vulnerability. This vulnerability allows malicious websites to bypass browser security and interact with services running on an organization’s local network
Exploiting authorization by nonce in WordPress plugins #WordPressSecurity #Vulnerabilities #WordPressPlugins #AuthorizationByNonce #SecurityResearch https://nowotarski.info/wordpress-nonce-authorization/
nowotarski.info
About WordPress As of 2024, WordPress powers 43% of all websites in the internet. 474 million websites run WordPress software and one or more out of 70 000 plugins. Unfortunately, as history shows, many WordPress plugins, even popular ones, often contain…
From Exploits to Forensics: Unraveling the Unitronics Attack #UnitronicsAttack #ResearchTools #ForensicExtraction #Vulnerabilities #PCOMProtocol https://claroty.com/team82/research/from-exploits-to-forensics-unraveling-the-unitronics-attack
Claroty
Claroty Team82 is publishing details of our research into Unitronics' integrated PLCs/HMIs, which began on the heels of numerous critical infrastructure attacks that were disclosed last fall, in particular at water treatment facilities in the United States…
A deep dive into CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability #CVE2023 #LinuxKernelVulnerability #eBPF #CyberSecurity #FixImplemented https://bughunters.google.com/blog/6303226026131456/a-deep-dive-into-cve-2023-2163-how-we-found-and-fixed-an-ebpf-linux-kernel-vulnerability
Google
Blog: A deep dive into CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability
This blog post takes a look at the years where eBPF was one of the kernel subsystems that grabbed the attention of a lot of security researchers. We will tell the story of how we discovered CVE-2023-2163, what our root-cause analysis process looked like,…
Listen to the whispers: web timing attacks that actually work #WebTimingAttacks #BurpSuiteEnterprise #BurpSuiteProfessional #DevSecOps #BugBountyHunting https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work
PortSwigger Research
Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them. In this paper, I'll unleash novel attack concepts to coax out server secrets
Living off the VPN — Exploring VPN Post-Exploitation Techniques #VPNPostExploitation #ThreatActors #VPNVulnerabilities #OSDeviceControl #LDAPCredentialsAbuse https://www.akamai.com/blog/security-research/2024-august-vpn-post-exploitation-techniques-black-hat
Akamai
Living off the VPN — Exploring VPN Post-Exploitation Techniques | Akamai
VPN exploitation traditionally has been primarily for initial access. Ori David shows just how much more can be done maliciously post-exploit.
Black Hat USA: Lessons Learned After CrowdStrike Incident #BlackHatUSA #CybersecurityLessons #CrowdStrikeIncident #ResilienceInCybersecurity #SecureByDesign https://www.channele2e.com/brief/black-hat-usa-lessons-learned-after-crowdstrike-incident
ChannelE2E
Black Hat USA is a great outlet for sharing lessons learned after the CrowdStrike incident.