CloudGoat Official Walkthrough Series: ‘sqs_flag_shop’ #CloudGoat #Walkthrough #sqs_flag_shop #PenetrationTesting #RhinoSecurityLabs https://rhinosecuritylabs.com/research/cloudgoat-walkthrough-sqs_flag_shop/
Rhino Security Labs
CloudGoat Official Walkthrough Series: ‘sqs_flag_shop’
This post walks through a new CloudGoat scenario, sqs_flag_shop in AWS.
CSPT the Eval Villain Way! #CSPT #EvalVillain #Exploit #BugFinding #SecurityEngineers https://blog.doyensec.com/2024/12/03/cspt-with-eval-villain.html
Doyensec
CSPT the Eval Villain Way!
Doyensec’s Maxence Schmitt recently built a playground to go with his CSPT research. In this blog post, we will demonstrate how to find and exploit CSPT bugs with Eval Villain. For this purpose, we will leverage the second challenge of Maxence’s playground.
flare-vm: A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM. #flare-vm #reverseengineering #windows #setup #softwareinstallation https://github.com/mandiant/flare-vm
GitHub
GitHub - mandiant/flare-vm: A collection of software installations scripts for Windows systems that allows you to easily setup…
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM. - mandiant/flare-vm
XS-Leaks through Speculation-Rules - SECCON CTF 13 Author's Writeup ( Tanuki Udon ) #XSLeaks #SpeculationRules #SECCONCTF #Writeup https://satoooon1024.hatenablog.com/entry/2024/12/02/XS-Leaks_through_Speculation-Rules_-_SECCON_CTF_13_Author%27s_Writeup_%28_Tanuki_Udon_%29
Satoooonの物置
XS-Leaks through Speculation-Rules - SECCON CTF 13 Author's Writeup ( Tanuki Udon ) - Satoooonの物置
JP (Translated by ChatGPT) In this article, I'll explain the intended solution for the "Tanuki Udon" challenge presented in SECCON CTF 13. TL;DR An XS-Leaks att…
DroidBot: Insights from a new Turkish MaaS fraud operation #DroidBot #MaaS #TurkishFraud #AndroidRAT #CleafyLabs https://www.cleafy.com/cleafy-labs/droidbot-insights-from-a-new-turkish-maas-fraud-operation
Cleafy
DroidBot: Insights from a new Turkish MaaS fraud operation | Cleafy Labs
Cleafy Labs reveals DroidBot, a new Android Remote Access Trojan targeting banks, crypto exchanges, and national organisations in Europe and beyond. Learn how it operates with dual-channel communication and evolving tactics. Read here the full report.
Bypassing WAFs with the phantom $Version cookie #BypassingWAFs #CookieParsing #WebSecurity #BurpSuite #Vulnerabilities https://portswigger.net/research/bypassing-wafs-with-the-phantom-version-cookie
PortSwigger Research
Bypassing WAFs with the phantom $Version cookie
HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known
U.S. Officials Tell Americans to Use Encrypted Apps as Scope of Cyberattack Grows #CyberattackGrows #UseEncryptedApps #SaltTyphoon #TelecomHack #CommunicationsSecurity https://www.vulnu.com/p/u-s-officials-tell-americans-to-use-encrypted-apps-as-scope-of-cyberattack-grows
Vulnerable U
U.S. Officials Tell Americans to Use Encrypted Apps as Scope of Cyberattack Grows
At least eight U.S. telecom firms and dozens of nations have been tied up in the unprecedented Salt Typhoon attack, according to new details from U.S. officials.
Android's CVE-2020-0401 (PackageManagerService) #AndroidCVE #PackageManagerService #Vulnerability #Exploitation #AndroidSecurity https://pwner.gg/blog/Android's-CVE-2020-0401
( ͡◕ _ ͡◕)👌
Android's CVE-2020-0401 (PackageManagerService)
Note: This is another attempt in my Android Side Quest (the previous one was Android’s CVE-2020-0238). Intro: While digging around through my old gadgets, I found my ancient OnePlus phone that had been gathering dust in a drawer.
Azure CLI Token Leak #AzureCLI #TokenLeak #BinarySecurity #Vulnerability #CI/CD https://binsec.no/posts/2024/11/az-cli-acr-token-leak
Binary Security AS
Azure CLI Token Leak
Azure CLI was vulnerable to a registry server confusion attack in its Azure Container Registry (ACR) module. If an attacker controls the value of the registry name, they can leak the token of the principal, scoped to the ARM API at https://management.azure.com/…
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection #OpenWrtSupplyChainCompromised #TruncatedSHA256Collision #CommandInjection #FlattSecurityResearch #OpenWrtVulnerabilityBugFix https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/
GMO Flatt Security Research
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
Introduction
Hello, I’m RyotaK (@ryotkak), a security engineer at Flatt Security Inc.
A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router. After accessing the LuCI, which is the web interface of OpenWrt…
The Ruby on Rails _json Juggling Attack #RubyonRails #JSONJugglingAttack #Cybersecurity #Vulnerability #RailsParameterTestingSetup https://nastystereo.com/security/rails-_json-juggling-attack.html
Write, debug and execute BOFs using bof-launcher (part 1) #bofLauncher #writeDebugExecute #ZigCAssembly #buildSystem #debuggingBOFs https://blog.z-labs.eu/2024/12/02/write-debug-and-execute-bofs-part1.html
Performing Android Static Analysis 101-A Complete Guide for Beginners #AndroidStaticAnalysis #Laburity #Tools #Analysis #BeginnersGuide https://laburity.com/performing-android-static-analysis-101-a-complete-guide-for-beginners/
Laburity - Cyber Security Services
Performing Android Static Analysis 101-A Complete Guide for Beginners - Laburity
Android Static Analysis is a foundational approach to identifying vulnerabilities in applications without executing them. This blog provides insight into the tools and techniques required for effective analysis. What is Android Static Analysis: Android static…
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackers #BugBounty #EthicalHackers #Reconnaissance #BashScripts #CybersecurityExpert https://medium.verylazytech.com/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975
Medium
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackers
The first step to attacking any target is conducting reconnaissance, or simply put, gathering information about the target. Reconnaissance…
Hacking AI Applications: From 3D Printing to Remote Code Execution #HackingAI #3DPrinting #RemoteCodeExecution #SystemPromptDisclosure #ExfiltrationTechniques https://www.securityrunners.io/post/hacking-ai-applications
www.securityrunners.io
Hacking AI Applications: From 3D Printing to Remote Code Execution
The blog post examines methods for hacking AI-native applications by detailing vulnerabilities discovered while building KachraCraft, a 3D design generation tool, including techniques for revealing system prompts, executing server-side request forgery (SSRF)…
Why Can't You Fix This Bug Faster? #BugReporting #DeveloperRelationships #VulnerabilityAssessment #BugFixing #SecurityResearcherPerspective https://maxwelldulin.com/BlogPost/Why-Can't-You-Fix-This-Bug-Faster
Strikeout Security Blog
Why Can't You Fix This Bug Faster?
Fixing security vulnerabilities in a timely manner is more complicated than you realize.
Far From Random: Three Mistakes From Dart/Flutter's Weak PRNG #DartSDK #WeakPRNG #Vulnerabilities #ProtonWallet #SecurityFixes https://www.zellic.io/blog/proton-dart-flutter-csprng-prng/
www.zellic.io
Far From Random: Three Mistakes From Dart/Flutter's Weak PRNG | Zellic — Research
A look into how an unexpectedly weak PRNG in Dart led to Zellic's discovery of multiple vulnerabilities
Messenger Group Call DoS for iOS #MessengerGroupCall #DoS #iOS #Signal11 #SecurityResearch https://s11research.com/posts/Messenger-Group-Call-DoS-for-iOS/
Signal 11
Messenger Group Call DoS for iOS
Messenger is used by hundreds of millions of people globally, and as of December 2023, it has adopted end-to-end encryption (E2EE) by default for chats and calls. However, when a group chat is created, it initially does not use E2EE. Interestingly, non-E2EE…
Cleo Harmony, VLTrader, and LexiCom - RCE via Arbitrary File Write (CVE-2024-50623) #CleoHarmony #VLTrader #LexiCom #RCE #ArbitraryFileWrite https://labs.watchtowr.com/cleo-cve-2024-50623/
watchTowr Labs
Cleo Harmony, VLTrader, and LexiCom - RCE via Arbitrary File Write (CVE-2024-50623)
We were having a nice uneventful week at watchTowr, when we got news of some ransomware operators using a zero-day exploit in Cleo MFT software - namely, LexiCom, VLTransfer, and Harmony - applications that many large enterprises rely on to share files securely.…
Astalavista is back! ❤️ https://forum.astalavista.com/