DLL Sideloading #DLLSideloading #CyberSecurity #IncidentResponse #Windows #DLLHijacking https://www.r-tec.net/r-tec-blog-dll-sideloading.html
www.r-tec.net
r-tec Blog | DLL Sideloading
The post describes DLL Sideloading, a technique that allows attackers to execute custom malicious code from within legitimate windows binaries/processes.
CloudGoat: New Scenario and Walkthrough (sns_secrets) #CloudGoat #CloudPenTesting #AWS #SNS_Secrets https://rhinosecuritylabs.com/research/cloudgoat-sns_secrets/
Rhino Security Labs
CloudGoat: New Scenario and Walkthrough (sns_secrets)
This is a full walkthrough for the new sns_secrets scenario on CloudGoat.
search-vulns: web to search for known vulnerabilities in software #search_vulns #vulnerabilities #tech #license #privacy https://search-vulns.com/about
DTLS “ClientHello” Race Conditions in
WebRTC Implementations #ConcurrencyErrors #RaceConditions #WebRTC https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf
WebRTC Implementations #ConcurrencyErrors #RaceConditions #WebRTC https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf
Spoofing Internal Packets for Multihomed Linux Devices #SpoofingInternalPackets #MultihomedLinuxDevices #ConntrackSpoofing #FirewallVulnerability #LinuxSecurity https://www.anvilsecure.com/blog/spoofing-internal-packets-for-multihomed-linux-devices.html
Anvil Secure
Spoofing Internal Packets for Multihomed Linux Devices - Anvil Secure
In short, the conntrack module, which tracks connections for the stateful firewall, does not account for the interface on which a connection was established. As a result, a firewall rule allowing…
Call stack spoofing explained using APT41 malware #CallStackSpoofing #APT41Malware #CyberGeeks #MalwareAnalysis #EDRDetection https://cybergeeks.tech/call-stack-spoofing-explained-using-apt41-malware/
ONBUILD COPY . /var/www/pwned/ #ONBUILD #Dockerfile #securityrisk #ignoreimportantfiles #accidentaldataleaks https://bitplane.net/log/2024/10/from-me-to-you-to-everyone/
1-click Exploit in South Korea's biggest mobile chat app #KakaoTalkExploit #DeepLinkVulnerability #AccountTakeover #XSSAttack #BrowserInterception https://stulle123.github.io/posts/kakaotalk-account-takeover/
stulle123
1-click Exploit in South Korea's biggest mobile chat app
Stealing another KakaoTalk user’s chat messages with a simple 1-click exploit.
🎉1👾1
Attacking APIs using JSON Injection #JSONInjection #APIHacking #SecurityEngineering #ExploitingAPIs #APIHackersInnerCircle https://danaepp.com/attacking-apis-using-json-injection
Dana Epp's Blog
Attacking APIs using JSON Injection
Learn how to use JSON injection to manipulate API payloads to control the flow of data and business logic within an API.
🔥2
Authenticated Remote Code Execution in multiple Xerox printers #XeroxPrinters #RemoteCodeExecution #SECConsult #PatchingRequired #RootPrivileges https://sec-consult.com/vulnerability-lab/advisory/authenticated-remote-code-execution-in-multiple-xerox-printers/
SEC Consult
Authenticated Remote Code Execution in multiple Xerox printers
Multiple Xerox printers (EC80xx, AltaLink, VersaLink, WorkCentre) were affected by an authenticated remote code execution vulnerability which allowed an attacker with administrative web credentials to fully compromise the devices with root privileges on the…
Using Nix to Fuzz Test a PDF Parser (Part One) # FuzzTesting #Nix #PDFParser #Honggfuzz #Workflow https://mtlynch.io/nix-fuzz-testing-1/
mtlynch.io
Using Nix to Fuzz Test a PDF Parser (Part One)
Fuzz testing is a technique for automatically uncovering bugs in software. The problem is that it’s a pain to set up. Read any fuzz testing tutorial, and the first task is an hour of building tools from source and chasing down dependencies upon dependencies.…
🔥2
The Red Dragon Searches for Pearls Through Quantum Tunneling – But You’ve Got the Wrong Paper #RedDragon #QuantumTunneling #SymmetricCryptography #NIST #AES https://nattothoughts.substack.com/p/chinas-quantum-tunneling-breakthrough
Natto Thoughts
The Red Dragon Searches for Pearls Through Quantum Tunneling – But You’ve Got the Wrong Paper
A September paper, soon hushed up, shows Chinese researchers may have discovered a class of quantum-annealing algorithm capable of attacking cryptography in a novel way
The Crypto Game of Lazarus APT: Investors vs. Zero-days #LazarusAPT #CryptocurrencyTheft #MOBAgame #ZeroDayExploit #GoogleChromeVulnerability https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/
Securelist
Lazarus APT steals cryptocurrency and user data via a decoy MOBA game
Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain.
Sysdig 2024 Global Threat Report #SysdigThreatReport #GartnerMarketGuide #Frost&SullivanAward #SysdigSage #CloudSecurityInsights https://sysdig.com/blog/sysdig-2024-global-threat-report/
Sysdig
Sysdig 2024 Global Threat Report | Sysdig
We know that cloud attacks happen very quickly. Our 2024 global threat year-in-review, the third annual threat report from the Sysdig Threat Research Team
Vulnerabilities of Realtek SD card reader driver, part 1 #RealtekVulnerabilities #SDCardReader #DMAVulnerability #KernelMemoryLeak #PCIConfigSpaceAccess https://zwclose.github.io/2024/10/14/rtsper1.html
ZwClose
Vulnerabilities of Realtek SD card reader driver, part 1
I discovered multiple vulnerabilities in RtsPer.sys, an SD card reader driver developed by Realtek. These vulnerabilities enable non-privileged users to leak the contents of kernel pool and kernel stack, write to arbitrary kernel memory, and, the most interesting…
LLM Security: Playing with ChatGPT code execution capability (Part 1) #LLMSecurity #ChatGPT #CodeExecution #Python #Obfuscation https://mohitdabas.wordpress.com/2024/10/25/llm-security-playing-with-chatgpt-code-execution-capability-part-1/
Mohit Dabas's Blog
LLM Security: Playing with ChatGPT code execution capability (Part 1).
So we all know about the ChatGPT4 code execution capability. Now the question is can I execute a little bit offensive code like running netstat to see internal connections? I tried to run ‘ne…
👍1
CVE-2024-26926 Analysis #LinuxKernel #CVE202426926 #Analysis #GitHub #SecurityVulnerabilities https://github.com/MaherAzzouzi/LinuxKernel-nday/blob/main/CVE-2024-26926/CVE_2024_26926_Analysis.pdf
GitHub
LinuxKernel-nday/CVE-2024-26926/CVE_2024_26926_Analysis.pdf at main · MaherAzzouzi/LinuxKernel-nday
Linux Kernel N-day Exploit/Analysis. Contribute to MaherAzzouzi/LinuxKernel-nday development by creating an account on GitHub.
👍1
Retrofitting encrypted firmware is a Bad Idea™ #FirmwareEncryption #PrinterHacking #WTM #Lexmark #SecurityPolicy https://haxx.in/posts/wtm-wtf/
haxx.in
Retrofitting encrypted firmware is a Bad Idea™
Lexmark decided to frustrate vulnerability researchers last minute. Let’s have a look at their new root filesystem encryption.
Introducing zizmor: now you can have beautiful clean workflows #Rust #Security #GitHubActions #workflows #development https://blog.yossarian.net/2024/10/27/Now-you-can-have-beautiful-clean-workflows
blog.yossarian.net
Introducing zizmor: now you can have beautiful clean workflows
Anatomy of an LLM RCE #LLM #RCE #Security #CodeExecution #Vulnerability https://www.cyberark.com/resources/threat-research-blog/anatomy-of-an-llm-rce
Cyberark
Anatomy of an LLM RCE
As large language models (LLMs) become more advanced and are granted additional capabilities by developers, security risks increase dramatically. Manipulated LLMs are no longer just a risk of...
Mastering Memory Exploitation: Fundamentals, Stack Overflows, Shellcode, Format String Bugs, and Heap Overflows #MemoryExploitation #Cybersecurity #Vulnerabilities #TechGuide #ExploitationTechniques https://medium.com/@verylazytech/mastering-memory-exploitation-fundamentals-stack-overflows-shellcode-format-string-bugs-and-353270ec8128
Medium
Mastering Memory Exploitation: Fundamentals, Stack Overflows, Shellcode, Format String Bugs, and Heap Overflows
In the world of cybersecurity, exploiting vulnerabilities is a technical art form that combines deep knowledge of systems with a practical…
🔥2🤔1💩1🥱1