Happy New Year! Here's to a 2025 where exploits cry, malware breaks, and vulnerable software finally learns to behave. Cheers to keeping things interesting and reversed!
MSSQL Identified as Vulnerable to Emoji String Exploitation #MSSQLvulnerability #emojiexploitation #securityassessment #Unicodehandling #vulnerabilityanalysis https://decrypt.lol/posts/2024/11/29/mssql-identified-as-vulnerable-to-emoji-string-exploitation/
Decrypt LOL
MSSQL Identified as Vulnerable to Emoji String Exploitation
Microsoft SQL Server has been found to treat a goblin emoji as equivalent to an empty string, potentially leading to security vulnerabilities in applications that utilize it.
The fascinating security model of dark web marketplaces #darkwebsecurity #deepdiving #fascinatingmodel #evanboehs #technicalcuriosity https://boehs.org/node/dark-web-security
boehs.org
The Fascinating Security Model of Dark Web Marketplaces
Captchas, Monero, Scams and absolutely no JavaScript
ICP-Brasil: Mis-issued certificate #ICPBrasil #MisissuedCertificate #MozillaHome #Privacy #Cookies https://bugzilla.mozilla.org/show_bug.cgi?id=1934361
bugzilla.mozilla.org
1934361 - ICP-Brasil: Mis-issued certificate
RESOLVED (bwilson) in CA Program - CA Certificate Compliance. Last updated 2025-02-14.
0x00 - Introduction to Windows Kernel Exploitation #WindowsKernelExploitation #WinDbg #HEVD #ExploitDevelopment #TokenStealing https://wetw0rk.github.io/posts/0x00-introduction-to-windows-kernel-exploitation/
wetw0rk.github.io
0x00 - Introduction to Windows Kernel Exploitation
Cybercriminals Use NFC Relay to Turn Stolen Credit Cards into Cash without a PIN #Cybercriminals #NFCRelay #StolenCreditCards #CashWithoutPIN #MobileHacker https://www.mobile-hacker.com/2024/12/02/cybercriminals-use-nfc-relay-to-turn-stolen-credit-cards-into-cash-without-a-pin/
Mobile Hacker
Cybercriminals Use NFC Relay to Turn Stolen Credit Cards into Cash without a PIN
ThreatFabric has identified a new cash-out tactic that wasn’t seen before called “Ghost Tap”, which cybercriminals use to exploit stolen credit card details linked to mobile payment services like Google Pay and Apple Pay. This method involves relaying NFC…
The Day We Unveiled the Secret Rotation Illusion #ClutchRotationIllusion #NHISecurity #ZeroTrust #EphemeralCredentials #NewSecurityStrategies https://www.clutch.security/blog/the-day-we-unveiled-the-secret-rotation-illusion
Clutch Security
The Day We Unveiled the Secret Rotation Illusion
Explore how Clutch Security debunks the myth of secret rotation, revealing how fast attackers exploit NHIs, and learn why Zero Trust is key…
Breaking Down Adversarial Machine Learning Attacks Through Red Team Challenges #AdversarialAI #RedTeamChallenges #EvasionAttacks #NeuralNetworks #GradientDescent https://boschko.ca/adversarial-ml/
Boschko Security Blog
Breaking Down Adversarial Machine Learning Attacks Through AI/ML Red Team Challenges
Explore adversarial attacks on AI/ML models through hands-on challenges on Dreadnode’s Crucible CTF platform.
OAuth Labs: OAuth 2.0 Vulnerabilites #OAuth2.0 #Training #SecurityAwareness #Cybersecurity #CommunityEngagement https://cyllective.com/blog/posts/oauth-labs
Cyllective
OAuth Labs: OAuth 2.0 Vulnerabilites
Introducing our latest project: the OAuth Labs. A hands-on approach to OAuth 2.0 vulnerabilities
CloudGoat Official Walkthrough Series: ‘sqs_flag_shop’ #CloudGoat #Walkthrough #sqs_flag_shop #PenetrationTesting #RhinoSecurityLabs https://rhinosecuritylabs.com/research/cloudgoat-walkthrough-sqs_flag_shop/
Rhino Security Labs
CloudGoat Official Walkthrough Series: ‘sqs_flag_shop’
This post walks through a new CloudGoat scenario, sqs_flag_shop in AWS.
CSPT the Eval Villain Way! #CSPT #EvalVillain #Exploit #BugFinding #SecurityEngineers https://blog.doyensec.com/2024/12/03/cspt-with-eval-villain.html
Doyensec
CSPT the Eval Villain Way!
Doyensec’s Maxence Schmitt recently built a playground to go with his CSPT research. In this blog post, we will demonstrate how to find and exploit CSPT bugs with Eval Villain. For this purpose, we will leverage the second challenge of Maxence’s playground.
flare-vm: A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM. #flare-vm #reverseengineering #windows #setup #softwareinstallation https://github.com/mandiant/flare-vm
GitHub
GitHub - mandiant/flare-vm: A collection of software installations scripts for Windows systems that allows you to easily setup…
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM. - mandiant/flare-vm
XS-Leaks through Speculation-Rules - SECCON CTF 13 Author's Writeup ( Tanuki Udon ) #XSLeaks #SpeculationRules #SECCONCTF #Writeup https://satoooon1024.hatenablog.com/entry/2024/12/02/XS-Leaks_through_Speculation-Rules_-_SECCON_CTF_13_Author%27s_Writeup_%28_Tanuki_Udon_%29
Satoooonの物置
XS-Leaks through Speculation-Rules - SECCON CTF 13 Author's Writeup ( Tanuki Udon ) - Satoooonの物置
JP (Translated by ChatGPT) In this article, I'll explain the intended solution for the "Tanuki Udon" challenge presented in SECCON CTF 13. TL;DR An XS-Leaks att…
DroidBot: Insights from a new Turkish MaaS fraud operation #DroidBot #MaaS #TurkishFraud #AndroidRAT #CleafyLabs https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation
Cleafy
DroidBot: Insights from a new Turkish MaaS fraud operation | Cleafy Labs
Cleafy Labs reveals DroidBot, a new Android Remote Access Trojan targeting banks, crypto exchanges, and national organisations in Europe and beyond. Learn how it operates with dual-channel communication and evolving tactics. Read here the full report.
Bypassing WAFs with the phantom $Version cookie #BypassingWAFs #CookieParsing #WebSecurity #BurpSuite #Vulnerabilities https://portswigger.net/research/bypassing-wafs-with-the-phantom-version-cookie
PortSwigger Research
Bypassing WAFs with the phantom $Version cookie
HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known
U.S. Officials Tell Americans to Use Encrypted Apps as Scope of Cyberattack Grows #CyberattackGrows #UseEncryptedApps #SaltTyphoon #TelecomHack #CommunicationsSecurity https://www.vulnu.com/p/u-s-officials-tell-americans-to-use-encrypted-apps-as-scope-of-cyberattack-grows
Vulnerable U
U.S. Officials Tell Americans to Use Encrypted Apps as Scope of Cyberattack Grows
At least eight U.S. telecom firms and dozens of nations have been tied up in the unprecedented Salt Typhoon attack, according to new details from U.S. officials.
Android's CVE-2020-0401 (PackageManagerService) #AndroidCVE #PackageManagerService #Vulnerability #Exploitation #AndroidSecurity https://pwner.gg/blog/Android's-CVE-2020-0401
( ͡◕ _ ͡◕)👌
Android's CVE-2020-0401 (PackageManagerService)
Note This is another attempt in my Android Side Quest (the previous one was Android’s CVE-2020-0238). Intro While digging around through my old gadgets, I found my ancient OnePlus phone that had been gathering dust in a drawer.
Azure CLI Token Leak #AzureCLI #TokenLeak #BinarySecurity #Vulnerability #CI/CD https://binsec.no/posts/2024/11/az-cli-acr-token-leak
Binary Security AS
Azure CLI Token Leak
Azure CLI was vulnerable to a registry server confusion attack in its Azure Container Registry (ACR) module. If an attacker controls the value of the registry name, they can leak the token of the principal, scoped to the ARM API at https://management.azure.com/…
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection #OpenWrtSupplyChainCompromised #TruncatedSHA256Collision #CommandInjection #FlattSecurityResearch #OpenWrtVulnerabilityBugFix https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/
GMO Flatt Security Research
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
Introduction
Hello, I’m RyotaK (@ryotkak), a security engineer at Flatt Security Inc.
A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router. After accessing the LuCI, which is the web interface of OpenWrt…
The Ruby on Rails _json Juggling Attack #RubyonRails #JSONJugglingAttack #Cybersecurity #Vulnerability #RailsParameterTestingSetup https://nastystereo.com/security/rails-_json-juggling-attack.html