In our latest blog post we delve into the adolescence of malware in the 2000s. We cover the rise of self-replicating worms, the impact of ILOVEYOU, Slammer, Conficker, and more. #MalwareHistory #2000sWorms #CybersecurityResearch #RME Read it now: https://reversea.me/index.php/a-brief-history-of-malware-part-4/
🔥1
Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild #Remediation #CVE2024 #CriticalBugs #Exploitable #Protection https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Remediation for CVE-2024-20767 and CVE-2024-21216: Protect Yourself Against Two Recent Critical Bugs Exploitable in the Wild
CVE-2024-20767- ColdFusion Path Traversal can lead to reading important data. CVE-2024-20767 is a vulnerability in ColdFusion versions 2023.6, 2021.12, and earlier. These versions are affected by...
Fortune 1000 at risk: How we discovered 30k exposed APIs & 100k API vulnerabilities in the world’s largest organizations #Fortune1000 #APISecurity #Vulnerabilities #EscapePlatform #APIAudit https://escape.tech/blog/fortune-1000-at-risk-30k-exposed-apis-100k-vulnerabilities/
Escape DAST - Application Security Blog
Fortune 1000 at risk: How we discovered 100k vulnerabilities
Discover the alarming state of API security in Fortune 1000 and CAC 40. Escape's latest research reveals 2k high-risk vulnerabilities
Azure Detection Engineering: Log idiosyncrasies you should know about #AzureDetectionEngineering #LogIdiosyncrasies #SecurityCanaries #AzureLogs #DetectingIntrusions https://tracebit.com/blog/azure-detection-engineering-log-idiosyncrasies-you-should-know-about
Tracebit
Azure Detection Engineering: Log idiosyncrasies you should know about | Tracebit
We share a few inconsistencies found in Azure logs which make detection engineering more challenging.
Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x #Assetnote #SecurityResearch #Sitecore #OrderOfOperations #AttackVector https://www.assetnote.io/resources/research/leveraging-an-order-of-operations-bug-to-achieve-rce-in-sitecore-8-x---10-x
www.assetnote.io
Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x
Local file disclosure in Sitecore 8.x to 10.x that can lead to RCE (CVE-2024-46938) due to an order of operations bug within a handler responsible for reading local files.
Prototype Pollution in NASAs Open MCT CVE-2023-45282 #PrototypePollution #NASAOpenMCT #CVE2023-45282 #VisionSpace #JavaScriptVulnerability https://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/
Visionspace
Prototype Pollution in NASAs Open MCT CVE-2023-45282
The Prototype Pollution vulnerability is specific to the JavaScript programming language. It enables an attacker to add or alter any properties of global object prototypes. Once the property is changed, the code that inherits it will use the injected property…
CVE-2024-48990-PoC: PoC for CVE-2024-48990 #GitHub #CVE #PoC #Vulnerabilities #Security https://github.com/makuga01/CVE-2024-48990-PoC
GitHub
GitHub - makuga01/CVE-2024-48990-PoC: PoC for CVE-2024-48990
PoC for CVE-2024-48990. Contribute to makuga01/CVE-2024-48990-PoC development by creating an account on GitHub.
🔥1🤯1
Writing distributed applications with Python Smart Objects as a Java RMI alternative #Python #DistributedApplications #SmartObjects #JavaRMI #Alternative https://medium.com/@__biancarosa/writing-distributed-applications-with-python-smart-objects-as-a-java-rmi-alternative-4ba9a812567d
Medium
Writing distributed applications with Python Smart Objects as a Java RMI alternative
Hello there! :)
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access #NearestNeighborAttack #RussianAPTGruesomeLarch #CovertAccess #Wi-FiWeaponization #OrganizationSecurity https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/
Volexity
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever worked. The investigation began when an alert from a custom…
Handling Cookies is a Minefield #Cookies #WebDevelopment #Programming #WebBrowsers #Standards https://grayduck.mn/2024/11/21/handling-cookies-is-a-minefield/
grayduck.mn
April King — Handling Cookies is a Minefield
Discrepancies in how browsers and libraries handle HTTP cookies, and the problems caused by such things.
Breaking out of VRChat using a Unity bug #VRChat #UnityBug #UdonSharp #Textures #Exploit https://khang06.github.io/vrcescape/
Khang's Stuff
Breaking out of VRChat using a Unity bug
Making Udon a bit too flexible.
Ruby 3.4 Universal RCE Deserialization Gadget Chain #RubyGadgetChain #RCE #Vulnerability #Deserialization #Improvements https://nastystereo.com/security/ruby-3.4-deserialization.html
CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now! #7ZipVulnerability #RemoteCodeExecution #UpdateNow #CVE202411477 #CybersecurityNews https://securityonline.info/cve-2024-11477-7-zip-vulnerability-allows-remote-code-execution-update-now/
Daily CyberSecurity
CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now!
7-Zip vulnerability (CVE-2024-11477): understand the risks and learn how to safeguard your systems from potential code execution attacks.
🔥2
KrbRelayEx: Kerberos Relay and Forwarder for (Fake) SMB MiTM Server #KrbRelayEx #MitM #Kerberos #SMB #HTTPADC https://github.com/decoder-it/KrbRelayEx
GitHub
GitHub - decoder-it/KrbRelayEx
Contribute to decoder-it/KrbRelayEx development by creating an account on GitHub.
Windows - Data Protection API (DPAPI) Revisited #WindowsSecurity #DataProtectionAPI #ChromiumChanges #SecurityValidation #DeviceBoundSessionCredentials https://tierzerosecurity.co.nz/2024/11/26/data-protection-windows-api-revisited.html
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
How To Use MSSQL CLR Assembly To Bypass EDR #BypassEDR #MSSQL https://blog.pyn3rd.com/2024/11/22/How-to-use-MSSQL-CLR-assembly-to-bypass-EDR/
Pyn3Rd
How To Use MSSQL CLR Assembly To Bypass EDR
BackgroundA few days ago, I dealt with a blackmail incident involving an MSSQL database, which potentially evaded EDR detection. I intend to share the entire process. Upon analyzing the situation, I f
👍3
Attacking hypervisors - A practical case #ReverseTactics #HypervisorAttack #VirtualBox #SecurityResearch #Pwn2Own https://www.reversetactics.com/publications/2024_conf_grehack_virtualbox/
Reversetactics
REverse Tactics
Presentation on the vulnerability research conducted on VirtualBox for Pwn2Own Vancouver 2024.
🔥2
The Curious Case of nltest and LmOwfPassword/NtOwfPassword #nltest #SAM #reverseengineering #hashfunction #WindowsExploits https://www.jonaslieb.de/blog/nltest-ntowfpassword/
Jonas Lieb
The Curious Case of nltest and LmOwfPassword/NtOwfPassword
I recently fiddled around with Window’s built-in command nltest and noticed that nltest /user:<username>, when executed as an Administrator, yields some interesting information about the requested user:
The two fields LmOwfPassword and NtOwfPassword spiked…
The two fields LmOwfPassword and NtOwfPassword spiked…
SSD Advisory – ksthunk.sys Integer Overflow (PE) #SSDSecureDisclosure #IntegerOverflow #Windows11 #Vulnerability #Exploitation https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe/
SSD Secure Disclosure
SSD Advisory - ksthunk.sys Integer Overflow (PE) - SSD Secure Disclosure
Summary A vulnerability in the ksthunk.sys CKSAutomationThunk::ThunkEnableEventIrp allows a local attacker to exploit an Integer Overflow vulnerability which can then be used to gain elevated privileges in the Windows operating system. The exploit was successfully…
🔥2