Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024 #ExploitSuccess #BlindExploitation #StackPointer #WritingToStack #RopChain https://www.synacktiv.com/publications/exploiting-a-blind-format-string-vulnerability-in-modern-binaries-a-case-study-from
Synacktiv
Exploiting a Blind Format String Vulnerability in Modern Binaries: A
🔥2🤯2👍1
Understanding RedLine Stealer: The Trojan Targeting Your Data #RedLineStealer #Trojan #MalwareAnalysis #DataTheft #Cybersecurity https://malwr-analysis.com/2024/08/22/understanding-redline-stealer-the-trojan-targeting-your-data/
Malware Analysis, Phishing, and Email Scams
Understanding RedLine Stealer: The Trojan Targeting Your Data
In the ever-evolving landscape of cybersecurity threats, one name has increasingly become synonymous with stealth and precision: RedLine Stealer. This malicious software, often referred to as a Tro…
Autonomous Discovery of Critical Zero-Days #ZeroPathBlog #AI #VulnerabilityDetection #DeepProgramAnalysis #AutonomousDiscovery https://zeropath.com/blog/0day-discoveries
Zeropath
Autonomous Discovery of Critical Zero-Days - ZeroPath Blog
Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities—including RCE, authentication bypasses, and IDORs—in popular AI platforms and open-source projects. Our approach has identified security flaws in projects owned by Netflix, Salesforce…
32 vulnerabilities in IBM Security Verify Access #IBMSecurityVerifyAccess #Vulnerabilities #ITSecurityResearch #AuthenticationBypass #Recommendations https://pierrekim.github.io/blog/2024-11-01-ibm-security-verify-access-32-vulnerabilities.html
HTTP Security Headers: A complete guide to HTTP headers #HTTPSecurityHeaders #CompleteGuide #WebSecurity #HTTPHeaders #RiskMitigation https://www.darkrelay.com/post/http-security-headers
DarkRelay
HTTP Security Headers: A complete guide to HTTP headers
Why did the HTTP security headers go to therapy? They had major 'insecurity' issues!HTTP headers are an integral part of the Hypertext Transfer Protocol (HTTP), the foundation of data communication on the World Wide Web. HTTP headers are lines of additional…
The Sophos kernel implant, ‘hack-back’ implications, CIA malware in Venezuela (podcast) #SophosKernelImplant #HackBack #CIAinVenezuela #CyberEspionage #ThreatIntelligence https://securityconversations.com/episode/the-sophos-kernel-implant-hack-back-implications-cia-malware-in-venezuela/
Security Conversations
The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela - Security Conversations
Three Buddy Problem – Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, […]
👍1
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM #ToxicPanda #BankingTrojan #Asia #Europe #LATAM https://www.cleafy.com/cleafy-labs/toxicpanda-a-new-banking-trojan-from-asia-hit-europe-and-latam
Cleafy
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM | Cleafy Labs
Discover Cleafy's in-depth analysis of a new Android banking Trojan campaign, ToxicPanda, initially linked to TgToxic. Our findings reveal a sophisticated fraud operation targeting European and LATAM banks, using On-Device Fraud (ODF) tactics to execute account…
One weird trick to get the whole planet to send abuse complaints to your best friend(s) #AbuseComplaints #SpoofedIP #InternetSecurity #Infosec #TCPReset https://delroth.net/posts/spoofed-mass-scan-abuse/
CVE-2024-8956, CVE-2024-8957: How to Steal a 0-Day RCE (With a Little Help from an LLM) #GreyNoise #CVE #0Day #RCE #LLM https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/
GreyNoise Labs
CVE-2024-8956, CVE-2024-8957: How to Steal a 0-Day RCE (With a Little Help from an LLM) – GreyNoise Labs
Wow. Nice weapon! Can I hold it? I promise not to break anything. Honest!
Parrot Anafi Drone Reverse Engineering #ParrotAnafi #DroneReverseEngineering #HardwareHacking #PacketAnalysis #AttackCapabilities https://www.hardbreak.wiki/network-analysis/protocols/application-layer/proprietary-protocols/parrot-anafi-drone-reverse-engineering
www.hardbreak.wiki
Parrot Anafi Drone Reverse Engineering | HardBreak
Remote Code Execution: The Cybercriminal’s Golden Ticket #Cybersecurity #RCE #Vulnerability #Hacking #Awareness https://medium.com/ssd-secure-disclosure/remote-code-execution-the-cybercriminals-golden-ticket-44fe2d0a6353
Medium
Remote Code Execution: The Cybercriminal’s Golden Ticket
Imagine a vulnerability so dangerous that an attacker can execute any command they want on your system from anywhere in the world. That’s…
👍1
Bypass GuardDuty Pentest Findings for the AWS CLI¶ #AWSCLI #GuardDuty #PenTest #BurpSuite #CloudSecurity https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/
hackingthe.cloud
Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud
Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI.
Tales of the Crimson Foes - Part 1 #CrimsonFoes #BreachingUnicorns #RedTeamTales #SecurityBlog #ForgottenScroll https://therealunicornsecurity.github.io/CrimsonFoes/
therealunicornsecurity.github.io
Tales of the Crimson Foes - Part 1
The Tales of the Crimson Foes
A compilation of red team and pentest stories
A compilation of red team and pentest stories
Microsoft Bookings – Facilitating Impersonation #MicrosoftBookings #SecurityRisk #Impersonation #CyberisLimited #DataProtection https://www.cyberis.com/article/microsoft-bookings-facilitating-impersonation
Cyberis Limited
Microsoft Bookings – Facilitating Impersonation
Microsoft Bookings introduces a significant security risk by allowing end users to create fully functional Entra accounts without administrative oversight. These accounts, tied to shared Booking pages, can be exploited for impersonation, phishing, and email…
Everyday Ghidra: Ghidra Data Types— When to Create Custom GDTs — Part 1 #Ghidra #DataTypes #CustomGDTs #ReverseEngineering #WindowsSDK https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-when-to-create-custom-gdts-part-1-143fe45777eb
Medium
Everyday Ghidra: Ghidra Data Types— When to Create Custom GDTs — Part 1
In this 2-part “Everyday Ghidra” series post, we’ll walk through creating custom Ghidra data types by parsing C header files. In Everyday…
🔥3
System prompt exposure: how AI image generators may leak sensitive instructions #AIImageGenerators #SystemPromptExposure #DiffusionModels #LLM #WebSecurityBlog https://www.invicti.com/blog/security-labs/system-prompt-exposure-how-ai-image-generators-may-leak-sensitive-instructions/
Invicti
System Prompt Exposure: How AI Image Generators May Leak Sensitive Instructions
Recraft's image generation service uses a unique architecture combining an LLM (Claude) with a diffusion model. Learn what led to the discovery that carefully crafted prompts could expose the system's internal instructions.
Beyond RCE: Autonomous Code Execution in Agentic AI #AgenticAI #ACE #PromptInjection #PhishingAgenticSystems #TakingControl https://www.securityrunners.io/post/beyond-rce-autonomous-code-execution-in-agentic-ai
www.securityrunners.io
Beyond RCE: Autonomous Code Execution in Agentic AI
This blog post explores how agentic AI systems, specifically the "Computer Use" feature, can be manipulated through prompt injections and phishing techniques to execute arbitrary commands.
A New Era of macOS Sandbox Escapes: Diving into an Overlooked Attack Surface and Uncovering 10+ New Vulnerabilities s #macOSSandboxEscapes #NewVulnerabilities #CVEList #ConferencePresentation #SecurityResearch https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/
jhftss.github.io
A New Era of macOS Sandbox Escapes: Diving into an Overlooked Attack Surface and Uncovering 10+ New Vulnerabilities
This is a blog post for my presentation at the conference POC2024. The slides are uploaded here.
A deep dive into Linux’s new mseal syscall #mseal #Linux #ExploitMitigations #MemorySealing #syscall https://blog.trailofbits.com/2024/10/25/a-deep-dive-into-linuxs-new-mseal-syscall/
The Trail of Bits Blog
A deep dive into Linux’s new mseal syscall
If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond notes from the authors, very little information about this mitigation…
🔥3
Breaking Down Multipart Parsers: File upload validation bypass #multipartformdataparsers #fileupload #validationbypass #WAF #inputvalidation https://blog.sicuranext.com/breaking-down-multipart-parsers-validation-bypass/
Sicuranext Blog
Breaking Down Multipart Parsers: File upload validation bypass
TL;DR: Basically, all multipart/form-data parsers fail to fully comply with the RFC, and when it comes to validating filenames or content uploaded by users, there are always numerous ways to bypass validation. We'll test various bypass techniques against…