RSYNC: 6 vulnerabilities #osssecurity #RSYNC #vulnerabilities #opensource https://www.openwall.com/lists/oss-security/2025/01/14/3
Authentication bypass in Node.js websocket module and CSF requests #PSIRT #FortiGuardLabs #Vulnerability #AuthenticationBypass #CriticalSeverity https://fortiguard.fortinet.com/psirt/FG-IR-24-535
FortiGuard Labs
PSIRT | FortiGuard Labs
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 #Windows11 #VBS #HVCI #KFCT #ArbitraryReadWrite https://security.humanativaspa.it/from-arbitrary-pointer-dereference-to-arbitrary-read-write-in-latest-windows-11/
HN Security
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 - HN Security
In the last part of this Windows kernel exploitation series, we successfully exploited an arbitrary pointer dereference, bypassing SMEP and […]
EvilKnievelnoVNC: Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing #EvilKnievelnoVNC #MFAphishing #GitHub #Security #AI https://github.com/ms101/EvilKnievelnoVNC
GitHub
GitHub - ms101/EvilKnievelnoVNC: Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing
Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing - ms101/EvilKnievelnoVNC
2024 CVEs in Review https://vulnerability.blog/2025/01/14/2024-cves-in-review/
Vulnerability Blog
2024 CVEs in Review
Now that 2024 has come to its conclusion, I’ve decided to kick off a post outlining some observations, trends, and insights for the CVEs published. As always more information is available in …
CVE-2025-0282 #CVE-2025-0282 #AttackerKB #Rapid7 #Vulnerability #Exploited https://attackerkb.com/topics/WzjO6MNGY3/cve-2025-0282
AttackerKB
CVE-2025-0282 | AttackerKB
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gatewa…
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections #MicrosoftConfigurationManager #UnauthenticatedSQL #CriticalVulnerability #CVE-2024-43468 #RemoteCodeExecution https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
Synacktiv
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections
Hack The Emulated Planet: Vulnerability Hunting on Planet WGS-804HPT Industrial Switches #PlanetWGS804HPT #VulnerabilityHunting #EmulationTools #RemoteCodeExecution #ExploitDevelopment https://claroty.com/team82/research/hack-the-emulated-planet-vulnerability-hunting-on-planet-wgs-804hpt-industrial-switches
Claroty
Hack The Emulated Planet: Vulnerability Hunting on Planet WGS-804HPT Industrial Switches
Claroty Team82 used QEMU to emulate the relevant system components of Planet Technology Corp’s WGS-804HPT Industrial switch, and uncovered three vulnerabilities that could allow an attacker to remotely execute code on a vulnerable device. The vulnerabilities…
Bypassing disk encryption on systems with automatic TPM2 unlock #TPM2 #Security #DiskEncryption #PCRSelection #Vulnerability https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/
oddlama.org
Bypassing disk encryption on systems with automatic TPM2 unlock | oddlama's blog
oddlama's personal web page and blog
Let’s talk about AI and end-to-end encryption #AI #EndToEndEncryption #Privacy #DataProcessing #FutureConcerns https://blog.cryptographyengineering.com/2025/01/17/lets-talk-about-ai-and-end-to-end-encryption/
A Few Thoughts on Cryptographic Engineering
Let’s talk about AI and end-to-end encryption
Recently I came across a fantastic new paper by a group of NYU and Cornell researchers entitled “How to think about end-to-end encryption and AI.” I’m extremely grateful to see th…
SSD Advisory – cldflt Heap-based Overflow (PE) #SSDAdvisory #HeapBasedOverflow #CloudFiles #MicrosoftWindows #CVE-2024-30085 https://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe/
SSD Secure Disclosure
SSD Advisory - cldflt Heap-based Overflow (PE) - SSD Secure Disclosure
Summary: A vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. To exploit this vulnerability, an attacker must first obtain the ability to execute low-privileged code on the target system. The specific…
NaN Of Your Business - My Favorite Unintended CTF Solution #CTF #UnintendedSolution #NaN #FunChallenge #Educational https://maxwelldulin.com/BlogPost/NaN-Of-Your-Business-My-Favorite-Unintended-CTF-Solution
Strikeout Security Blog
NaN Of Your Business - My Favorite Unintended CTF Solution
Floats in C are weird. Floating point number rounding and NaN shenanigans to bypass security protections.
Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions #VulnerabilityArcheology #PasswordStealing #IBM #EthicalHacking #SilentSignalTechblog https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/
Silent Signal Techblog
Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions
Because we can!
Reverse Engineering Call Of Duty Anti-Cheat #ReverseEngineering #CallOfDuty #AntiCheat #Arxan #APIHookDetection https://ssno.cc/posts/reversing-tac-1-4-2025/
ssno
Reverse Engineering Call Of Duty Anti-Cheat
Interested in Anti-Cheat analysis? I highly recommend checking out Guided Hacking’s Anti-Cheat section. I’ve been reversing Black Ops Cold War for a while now, and I’ve finally decided to share my research regarding the user-mode anti-cheat inside the game.…
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… #ContecCMS8000 #ChineseBackdoor #VulnerabilityResearch #InsecureDesign #PatientMonitorSecurity https://claroty.com/team82/research/are-contec-cms8000-patient-monitors-infected-with-a-chinese-backdoor-the-reality-is-more-complicated
Claroty
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
Team82 investigated what CISA labeled a backdoor in the Contec CMS8000 patient monitoring system and concluded that the decision to include a hardcoded IP address is instead an insecure and risky design choice on the part of the vendor.
SSD Advisory – Palo Alto Expedition RCE (regionsDiscovery) https://ssd-disclosure.com/ssd-advisory-palo-alto-expedition-rce-regionsdiscovery/
SSD Secure Disclosure
SSD Advisory - Palo Alto Expedition RCE (regionsDiscovery) - SSD Secure Disclosure
Summary: A vulnerability in Palo Alto Expedition allows remote attackers who can reach the web interface to execute arbitrary code. Credit: An independent security researcher working with SSD Secure Disclosure. Vendor Response: Palo Alto has released the following…
Next.js, cache, and chains: the stale elixir #NextJS #CachePoisoning #DoS #StoredXSS #BugBounty https://zhero-web-sec.github.io/research-and-things/nextjs-cache-and-chains-the-stale-elixir
Stealing HttpOnly cookies with the cookie sandwich technique #CookieSandwich #HttpOnlyCookies #StealingCookies #CybersecurityResearch #WebVulnerabilities https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique
PortSwigger Research
Stealing HttpOnly cookies with the cookie sandwich technique
In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie
The Role of Cryptography in Protecting Personal Data #PersonalDataProtection #CryptographyBasics #SSLCertificates #EncryptionAndDecryption #HashingAndSalting https://medium.com/@aishiysan/the-role-of-cryptography-in-protecting-personal-data-6d4bf6c6469b
Medium
The Role of Cryptography in Protecting Personal Data
Are you like me, struggling to get your head around terms like symmetric encryption, asymmetric encryption, public key, private key…