Research Case Study: Supply Chain Security at Scale – Insights into NPM Account Takeovers #LaburityResearch #NPM #AccountTakeovers #SupplyChainSecurity #ResearchCaseStudy https://laburity.com/research-npm-account-takeovers/
Laburity - Cyber Security Services
Research Case Study: Supply Chain Security at Scale – Insights into NPM Account Takeovers - Laburity
Software supply chains are complex ecosystems where even a single vulnerability can lead to widely spread security issues. This blog focuses on supply chain account takeovers, particularly in NPM packages, and explains how attackers exploit expired email…
OpenBMC Remote OS Deployment: A Simplified Approach #OpenBMC #RemoteOS #Deployment #SimplifiedApproach #VaultLabs https://hardenedvault.net/blog/2024-11-17-openbmc-remote-deployment/
hardenedvault.net
OpenBMC Remote OS Deployment: A Simplified Approach
OpenBMC Remote OS Deployment: A Simplified Approach Many BMC implementations can accept a disk image and present it as a read-only USB mass storage device inserted into the host machine, allowing the host machine to boot from this “disk” for remote installation…
Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 #PaloAlto #SSLVPN #Vulnerabilities #CVE2024 #CommandInjection https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/
watchTowr Labs
Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474
It'll be no surprise that 2024, 2023, 2022, and every other year of humanities' existence has been tough for SSLVPN appliances.
Anyhow, there are new vulnerabilities (well, two of them) that are being exploited in the Palo Alto Networks firewall and SSLVPN…
Anyhow, there are new vulnerabilities (well, two of them) that are being exploited in the Palo Alto Networks firewall and SSLVPN…
RpcInvestigator: Exploring RPC interfaces on Windows #WindowsRPC #RPCInvestigator #WindowsSecurity #ETW #RPCClient https://github.com/trailofbits/RpcInvestigator
GitHub
GitHub - trailofbits/RpcInvestigator: Exploring RPC interfaces on Windows
Exploring RPC interfaces on Windows. Contribute to trailofbits/RpcInvestigator development by creating an account on GitHub.
RustiveDump: LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). #RustiveDump #LSASS #MemoryDumper #NTAPIs #XOREncryption https://github.com/safedv/RustiveDump
GitHub
GitHub - safedv/RustiveDump: LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode…
LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission. - safedv/RustiveDump
Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474) #PANOS #ManagementInterface #RCE #CVE-2024-0012 #GitHubPullRequest https://github.com/rapid7/metasploit-framework/pull/19663
GitHub
Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474) by sfewer-r7 · Pull Request #19663 ·…
This pull request adds an exploit module for the recent PAN-OS management interface unauthenticated RCE exploit chain (CVE-2024-0012 + CVE-2024-9474), based upon the technical analysis published by...
In our latest blog post we delve into the adolescence of malware in the 2000s. We cover the rise of self-replicating worms, the impact of ILOVEYOU, Slammer, Conficker, and more. #MalwareHistory #2000sWorms #CybersecurityResearch #RME Read it now: https://reversea.me/index.php/a-brief-history-of-malware-part-4/
🔥1
Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild #Remediation #CVE2024 #CriticalBugs #Exploitable #Protection https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild
CVE-2024-20767- ColdFusion Path Traversal can lead to reading important data. CVE-2024-20767 is a vulnerability in ColdFusion versions 2023.6, 2021.12, and earlier. These versions are affected by...
Fortune 1000 at risk: How we discovered 30k exposed APIs & 100k API vulnerabilities in the world’s largest organizations #Fortune1000 #APISecurity #Vulnerabilities #EscapePlatform #APIAudit https://escape.tech/blog/fortune-1000-at-risk-30k-exposed-apis-100k-vulnerabilities/
Escape DAST - Application Security Blog
Fortune 1000 at risk: How we discovered 100k vulnerabilities
Discover the alarming state of API security in Fortune 1000 and CAC 40. Escape's latest research reveals 2k high-risk vulnerabilities
Azure Detection Engineering: Log idiosyncrasies you should know about #AzureDetectionEngineering #LogIdiosyncrasies #SecurityCanaries #AzureLogs #DetectingIntrusions https://tracebit.com/blog/azure-detection-engineering-log-idiosyncrasies-you-should-know-about
Tracebit
Azure Detection Engineering: Log idiosyncrasies you should know about | Tracebit
We share a few inconsistencies found in Azure logs which make detection engineering more challenging.
Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x #Assetnote #SecurityResearch #Sitecore #OrderOfOperations #AttackVector https://www.assetnote.io/resources/research/leveraging-an-order-of-operations-bug-to-achieve-rce-in-sitecore-8-x---10-x
www.assetnote.io
Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x
Local file disclosure in Sitecore 8.x to 10.x that can lead to RCE (CVE-2024-46938) due to an order of operations bug within a handler responsible for reading local files.
Prototype Pollution in NASAs Open MCT CVE-2023-45282 #PrototypePollution #NASAOpenMCT #CVE2023-45282 #VisionSpace #JavaScriptVulnerability https://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/
Visionspace
Prototype Pollution in NASAs Open MCT CVE-2023-45282
The Prototype Pollution vulnerability is specific to the JavaScript programming language. It enables an attacker to add or alter any properties of global object prototypes. Once the property is changed, the code that inherits it will use the injected property…
CVE-2024-48990-PoC: PoC for CVE-2024-48990 #GitHub #CVE #PoC #Vulnerabilities #Security https://github.com/makuga01/CVE-2024-48990-PoC
GitHub
GitHub - makuga01/CVE-2024-48990-PoC: PoC for CVE-2024-48990
PoC for CVE-2024-48990. Contribute to makuga01/CVE-2024-48990-PoC development by creating an account on GitHub.
🔥1🤯1
Writing distributed applications with Python Smart Objects as a Java RMI alternative #Python #DistributedApplications #SmartObjects #JavaRMI #Alternative https://medium.com/@__biancarosa/writing-distributed-applications-with-python-smart-objects-as-a-java-rmi-alternative-4ba9a812567d
Medium
Writing distributed applications with Python Smart Objects as a Java RMI alternative
Hello there! :)
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access #NearestNeighborAttack #RussianAPTGruesomeLarch #CovertAccess #Wi-FiWeaponization #OrganizationSecurity https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/
Volexity
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever worked. The investigation began when an alert from a custom…
Handling Cookies is a Minefield #Cookies #WebDevelopment #Programming #WebBrowsers #Standards https://grayduck.mn/2024/11/21/handling-cookies-is-a-minefield/
grayduck.mn
April King — Handling Cookies is a Minefield
Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.
Breaking out of VRChat using a Unity bug #VRChat #UnityBug #UdonSharp #Textures #Exploit https://khang06.github.io/vrcescape/
Khang's Stuff
Breaking out of VRChat using a Unity bug
Making Udon a bit too flexible.
Ruby 3.4 Universal RCE Deserialization Gadget Chain #RubyGadgetChain #RCE #Vulnerability #Deserialization #Improvements https://nastystereo.com/security/ruby-3.4-deserialization.html
CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now! #7ZipVulnerability #RemoteCodeExecution #UpdateNow #CVE202411477 #CybersecurityNews https://securityonline.info/cve-2024-11477-7-zip-vulnerability-allows-remote-code-execution-update-now/
Daily CyberSecurity
CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now!
7-Zip vulnerability (CVE-2024-11477): understand the risks and learn how to safeguard your systems from potential code execution attacks.
🔥2
KrbRelayEx: Kerberos Relay and Forwarder for (Fake) SMB MiTM Server #KrbRelayEx #MitM #Kerberos #SMB #HTTPADC https://github.com/decoder-it/KrbRelayEx
GitHub
GitHub - decoder-it/KrbRelayEx
Contribute to decoder-it/KrbRelayEx development by creating an account on GitHub.