Canary Infrastructure vs. Real World TTPs #CanaryInfrastructure #RealWorldTTPs #CloudSecurity #TracebitDemo #DetectionOpportunities https://tracebit.com/blog/canary-infrastructure-vs-real-world-ttps
Tracebit
Canary Infrastructure vs. Real World TTPs | Tracebit
We investigate three recent AWS security incidents and discuss how canaries could help you detect these early, and throughout the attack lifecycle.
Racing Cats to the Exit: A Boring Linux Kernel Use-After-Free #LinuxKernel #BoringVulnerability #DoSRisk #UseAfterFreeBug #RaceCondition https://accessvector.net/2022/linux-itimers-uaf
Mixing watering hole attacks with history leak via CSS #RedTeam #Research #WateringHole #Phishing #CSSLeak https://adepts.of0x.cc/css-history-leaks/
Mixing watering hole attacks with history leak via CSS | AdeptsOf0xCC
Using CSS and social engineering to identify juicy targets when performing watering hole attacks
At Home In Your Firmware: Analysis of CVE-2024-36877 #FirmwareVulnerability #CVE-2024-36877 #SMMcorruption #MSIchipsets #SystemManagementModeexploitation https://jjensn.com/at-home-in-your-firmware/
Jjensn
At Home In Your Firmware: Analysis of CVE-2024-36877
How I exploited an SMM Memory Corruption Vulnerability in MSI firmware
MIFARE Classic: exposing the static encrypted nonce variant — I’ve got a bit more, should I throw it in? (Philippe Teuwen) #MIFARE #SmartCardHacking https://eprint.iacr.org/2024/1275.pdf
CVE-2024-41660: A Critical Vulnerability in OpenBMC #CVE-2024-41660 #TetrelSecurity #OpenBMC #Vulnerability #Critical https://tetrelsec.com/posts/cve-2024-41660-slpd-lite/
Tetrel Security
CVE-2024-41660: A Critical Vulnerability in OpenBMC
Conquering the memory through io_uring - Analysis of CVE-2023-2598 #MemoryConquered #io_uringCVE #AnatomicalPrecision #KernelVulnerability #PowerfulExploitation https://anatomic.rip/cve-2023-2598/
a place of anatomical precision
Conquering the memory through io_uring - Analysis of CVE-2023-2598
A logic bug in io_uring leading to Local Privilege Escalation
CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – A Deep Dive #KubernetesSecurity #ARMOPlatform #CVE20247646 #AnnotationValidationBypass #IngressNGINX https://www.armosec.io/blog/cve-2024-7646-ingress-nginx-annotation-validation-bypass/
ARMO
CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass
Learn how CVE-2024-7646 allows attackers to bypass ingress-nginx validation and compromise Kubernetes clusters, and how to secure your systems
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties #ChromeRenderer #RCE #DuplicateObjectProperties #ObjectCorruptionBug #OriginTrials https://github.blog/security/vulnerability-research/attack-of-the-clones-getting-rce-in-chromes-renderer-with-duplicate-object-properties/
The GitHub Blog
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the JavaScript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
Exploiting Steam: Usual and Unusual Ways in the CEF Framework #ExploitingSteam #CEFframework #RemoteCodeExecution #CommandInjection #HistoricalVulnerabilities https://www.darknavy.org/blog/exploiting_steam_usual_and_unusual_ways_in_the_cef_framework/
DARKNAVY
Exploiting Steam: Usual and Unusual Ways in the CEF Framework
Introduction
The Chromium Embedded Framework (CEF) is an open-source framework that allows developers to embed the Chromium engine in their applications. Although CEF is widely employed in a range of popular software, including WeChat and the Epic Games Launcher…
Point Of Sale Device (POS) Penetration Testing – A Practical Guide 2023 #POS #PenetrationTesting #CyberSecurity #DataBreach #PointOfSale https://cybersecuritynews.com/pos-device-penetration-testing/
Cyber Security News
Point Of Sale Device (POS) Penetration Testing – A Practical Guide 2023
Penetration testing of point-of-sale (POS) devices is essential to ensure the security of payment systems and protect sensitive customer data
CVE-2022-22265 Samsung npu driver #SamsungCVE2022-22265 #KernelExploit #CrossCacheOperations #PageTableSpray #KernelSearch https://soez.github.io/posts/CVE-2022-22265-Samsung-npu-driver/
File-Tunnel: Tunnel TCP connections through a file #GitHub #FileTunnel #TCPconnections #FirewallBypass #RDPtunneling https://github.com/fiddyschmitt/File-Tunnel
GitHub
GitHub - fiddyschmitt/File-Tunnel: Tunnel TCP connections through a file
Tunnel TCP connections through a file.
Open Broadcaster Software (OBS): Heap Overflow Vulnerability #OBS #HeapOverflow #Vulnerability #GitHub #SecurityResearch https://github.com/google/security-research/security/advisories/GHSA-mf24-5fxf-f4x5
GitHub
Open Broadcaster Software (OBS): Heap Overflow Vulnerability
Summary
OBS (Open Broadcaster Software) is a well-known open source and cross platform software for screen recording and streaming. Unfortunately, a crafted GIF file with malicious LZW compres...
HookChain: A new perspective for Bypassing EDR Solutions #HookChain #BypassingEDR #GitHub #Security #Innovation https://github.com/helviojunior/hookchain/
GitHub
GitHub - helviojunior/hookchain: HookChain: A new perspective for Bypassing EDR Solutions
HookChain: A new perspective for Bypassing EDR Solutions - helviojunior/hookchain
Limitations of the Kerberos Authentication System #KerberosAuthentication #Limitations https://academiccommons.columbia.edu/doi/10.7916/D84B372N
Academic Commons
Limitations of the Kerberos Authentication System
The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent…
BOFHound: Session Integration #BOFHound #SessionIntegration #LDAPenumeration #BloodHound #AttackPathMapping https://posts.specterops.io/bofhound-session-integration-7b88b6f18423
SpecterOps
BOFHound: Session Integration - SpecterOps
In this post, we examine BOFHound-compatible BOFs and usage examples that allow an operator to take a manual and targeted approach to attack path mapping.