Next.js, cache, and chains: the stale elixir #NextJS #CachePoisoning #DoS #StoredXSS #BugBounty https://zhero-web-sec.github.io/research-and-things/nextjs-cache-and-chains-the-stale-elixir
Stealing HttpOnly cookies with the cookie sandwich technique #CookieSandwich #HttpOnlyCookies #StealingCookies #CybersecurityResearch #WebVulnerabilities https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique
PortSwigger Research
Stealing HttpOnly cookies with the cookie sandwich technique
In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie
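The card above only states the claim. As an added illustration, written for this page and not taken from the PortSwigger post, the block below contrasts two ways a server can parse a Cookie header: strict RFC 6265 handling, which splits on `;` and treats double quotes as ordinary characters, and legacy RFC 2109-style handling, in which a double-quoted value may itself contain `;`. The assumption made here is that the technique depends on the latter, with the attacker controlling two cookies (`param1`, `param2`) that land on either side of an HttpOnly session cookie and a `$Version` cookie switching the parser into legacy mode. The header, cookie names and values are constructed.

```python
import re

# Constructed Cookie header as the browser would send it. The attacker set
# param1 and param2 (assumed to sort around the session cookie); session is the
# HttpOnly cookie that JavaScript cannot read directly.
SANDWICH = '$Version=1; param1="start; session=s3cr3t-httponly; param2=end"'


def parse_strict(header: str) -> dict:
    """RFC 6265 style: split on ';' and '='; a double quote is just a character."""
    cookies = {}
    for part in header.split(";"):
        if "=" not in part:
            continue
        name, _, value = part.strip().partition("=")
        cookies[name.strip()] = value.strip()
    return cookies


# name=value pairs where the value is either a double-quoted string (which may
# contain ';') or a run of characters up to the next ';'.
_LEGACY = re.compile(r'\s*([^=;\s]+)\s*=\s*("(?:[^"\\]|\\.)*"|[^;]*)\s*(?:;|$)')


def parse_legacy(header: str) -> dict:
    """RFC 2109 style: a quoted value swallows the ';'-separated cookies inside it."""
    cookies = {}
    for name, value in _LEGACY.findall(header):
        if name.startswith("$"):
            continue  # $Version and similar are attributes, not cookies
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1].replace('\\"', '"')
        cookies[name] = value
    return cookies


def reflected_value(parser, header: str, name: str = "param1") -> str:
    """Models an endpoint that echoes one attacker-chosen cookie into its response."""
    return parser(header).get(name, "")


def leaks_httponly(parser, header: str = SANDWICH, secret: str = "s3cr3t-httponly") -> bool:
    """True when the echoed cookie value carries the HttpOnly session value."""
    return secret in reflected_value(parser, header)


if __name__ == "__main__":
    print("legacy parser leaks:", leaks_httponly(parse_legacy))  # True
    print("strict parser leaks:", leaks_httponly(parse_strict))  # False
```

The practical check is the last two calls: if the server-side framework returns the whole quoted string for `param1`, any page that reflects that cookie becomes an HttpOnly bypass, whereas a parser that splits on `;` before looking at quotes reflects only `"start`.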
The Role of Cryptography in Protecting Personal Data #PersonalDataProtection #CryptographyBasics #SSLCertificates #EncryptionAndDecryption #HashingAndSalting https://medium.com/@aishiysan/the-role-of-cryptography-in-protecting-personal-data-6d4bf6c6469b
Medium
The Role of Cryptography in Protecting Personal Data
Are you like me, struggling to get your head around terms like symmetric encryption, asymmetric encryption, public key, private key…
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms #0ClickDeanonymization #Signal #Discord #CloudflareTeleport #LocationPrivacyAttack https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Gist
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms - research.md
CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack #OligoSecurity #CVE202450050 #MetaLlamaStack #RedefineSecurity #GenAIApplications https://www.oligo.security/blog/cve-2024-50050-critical-vulnerability-in-meta-llama-llama-stack
www.oligo.security
CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack | Oligo Security
The Oligo research team has discovered a critical vulnerability in meta-llama, an open source framework from Meta for building and deploying GenAI applications.
Government and university websites targeted in ScriptAPI[.]dev client-side attack #ClientSideAttack #SEO #WebSecurity #Government #UniversityWebsites https://cside.dev/blog/government-and-university-websites-targeted-in-scriptapi-dev-client-side-attack
cside
Government and university websites targeted in ScriptAPI[.]dev client-side attack
Yesterday we discovered another client-side JavaScript attack targeting over 500 websites, including those of governments and universities. The injected scripts create hidden links in the Document Object Model (DOM), pointing to external websites, a programming interface…
WinVisor – A hypervisor-based emulator for Windows x64 user-mode executables #WinVisor #WindowsEmulation #Hypervisor #X64 #ProofOfConcept https://www.elastic.co/security-labs/winvisor-hypervisor-based-emulator
www.elastic.co
WinVisor – A hypervisor-based emulator for Windows x64 user-mode executables — Elastic Security Labs
WinVisor is a hypervisor-based emulator for Windows x64 user-mode executables that leverages the Windows Hypervisor Platform API to provide a virtualized environment for logging syscalls and enabling memory introspection.
Static Source Code Security Scanning Tools Evaluation Benchmark #StaticCodeSecurity #EvaluationBenchmark #SASTTools #VulnerabilityDetection #SourceCodeSupport https://insbug.medium.com/static-source-code-security-scanning-tools-evaluation-benchmark-26764298f463
Medium
Static Source Code Security Scanning Tools Evaluation Benchmark
Accuracy, Coverage & Integration: A Comprehensive Benchmark for Modern SAST Tools
20 Critical Characteristics of Non-Human Identities You Need to Know #NonHumanIdentities #SecurityChallenges #CredentialManagement #DynamicProvisioning #SecurityStrategies https://www.techdemocracy.com/resources/characteristics-of-non-human-identities-110
TechDemocracy
20 Critical Characteristics of Non-Human Identities
Non-Human Identities (NHIs) are essential for automation but pose unique security challenges requiring tailored management and protection strategies. Know more!
WorstFit: Unveiling Hidden Transformers in Windows ANSI! #WorstFit #WindowsANSI #RedTeam #CVE #SecurityTraining https://devco.re/blog/2025/01/09/worstfit-unveiling-hidden-transformers-in-windows-ansi/
DEVCORE 戴夫寇爾
WorstFit: Unveiling Hidden Transformers in Windows ANSI! | DEVCORE 戴夫寇爾
The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and…
BYOVD to the next level. Blind EDR with Windows Symbolic Link #BYOVD #BlindEDR #WindowsSymbolicLink #ElevatedExploits #NewLevel https://www.zerosalarium.com/2025/01/byovd%20next%20level%20blind%20EDR%20windows%20symbolic%20link.html
Zerosalarium
BYOVD to the next level. Blind EDR with Windows Symbolic Link
A new way to use the BYOVD technique, by combining the file-writing capabilities of a driver with Windows symbolic links.
New VPN Backdoor #VPNBackdoor #MagicPacket #J-Magic #BackdoorMalware #LumenTechnologies https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html
Schneier on Security
New VPN Backdoor - Schneier on Security
A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders.…
Process Hollowing on Windows 11 24H2 #ProcessHollowing #Windows11 #PEloader #RunPE #MalwareAnalysis https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/
hasherezade's 1001 nights
Process Hollowing on Windows 11 24H2
Process Hollowing (a.k.a. RunPE) is probably the oldest and most popular process impersonation technique (it allows running a malicious executable under the cover of a benign process). It is us…
Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591 #FortiRekt #SuperAdminNow #FortiOSBypass #CVE55591 #FortiGateWebVulnerability https://labs.watchtowr.com/get-fortirekt-i-am-the-super_admin-now-fortios-authentication-bypass-cve-2024-55591/
watchTowr Labs
Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591
Welcome to Monday, and what an excitingly fresh start to the week we're all having.
Grab your coffee, grab your vodka - we're diving into a currently exploited-in-the-wild critical Authentication Bypass affecting foRtinet's (we are returning the misspelling…
A Missed Opportunity: Addressing Weak Password Hashing in VxWorks #WeakPasswordHashing #VxWorks #SecurityVulnerability #VendorResponse #SecurityStandards https://sec-consult.com/blog/detail/a-missed-opportunity-addressing-weak-password-hashing-in-vxworks/
SEC Consult
A Missed Opportunity: Addressing Weak Password Hashing in VxWorks
The security of embedded systems running Real-Time Operating Systems (RTOS) like Wind River VxWorks is vital in high stakes sectors such as OT, defense, and aviation.
Phishing for Refresh Tokens #Phishing #RefreshTokens #AITM #AtticSecurity #Zolder https://zolder.io/blog/phishing-for-refresh-tokens/
Zolder - Applied Security Research
Phishing for Refresh Tokens | Zolder - Applied Security Research
Leveraging AiTM and the OAuth 2.0 authorization code flow to steal access and refresh tokens, with a modified AITMWorker for stealing refresh tokens.
CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI) #CVE-2024-46507 #SSTI #RCE #YetiPlatform #RhinoSecurityLabs https://rhinosecuritylabs.com/research/cve-2024-46507-yeti-server-side-template-injection-ssti/
Rhino Security Labs
CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)
Yeti is a Forensic Intelligence platform and pipeline for DFIR teams. Rhino Security Labs will detail 2 security flaws that, combined, lead to unauthenticated RCE.
NFCToolsGUI: A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS. #NFCToolsGUI #CrossPlatform #PN532 #Windows #LinuxMacOS https://github.com/GSWXXN/NFCToolsGUI
GitHub
GitHub - GSWXXN/NFCToolsGUI: A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS.
A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS. - GSWXXN/NFCToolsGUI
A short Introduction to BloodHound Custom Queries #BloodHound #CustomQueries #ActiveDirectory #CypherQueries #SecurityOperations https://www.8com.de/cyber-security-blog/a-short-introduction-to-bloodhound-custom-queries
www.8com.de
A short Introduction to BloodHound Custom Queries
In this post, we’ll present custom BloodHound queries to find real-world vulnerabilities and misconfigurations in Active Directory networks.
Exploring Heap Exploitation Mechanisms: Understanding the House of Force Technique #HeapExploitation #HouseOfForce #MemoryAllocation #HeapChunks #ReallocationMechanism https://www.darkrelay.com/post/exploring-heap-exploitation-mechanisms-understanding-the-house-of-force-technique
DarkRelay
Exploring Heap Exploitation Mechanisms: Understanding the House of Force Technique
Heap exploitation techniques like House of Force demonstrate the complexities and risks associated with memory management systems.
CRLF injection via TryAddWithoutValidation in .NET #CRLF #Injection #TryAddWithoutValidation #.NET #BinarySecurityAS https://binarysecurity.no/posts/2025/01/tryaddwithoutvalidation
Binary Security AS
CRLF injection via TryAddWithoutValidation in .NET
Binary Security was awarded two CVEs (CVE-2024-45302 and CVE-2024-51501) for header injection vulnerabilities in the RestSharp and Refit .NET libraries. This blog post outlines the research which led to discovering these vulnerabilities.
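The card names the vulnerable API but does not show the mechanism. As an added example, written for this page rather than taken from the Binary Security post or from RestSharp/Refit, the block below models in Python the difference between a header-adding routine that stores a value verbatim (the behaviour `TryAddWithoutValidation` is named for) and one that enforces the RFC 9110 field-value grammar, as the validating `Add` method on `HttpHeaders` does. A naive serializer then shows why an unvalidated `\r\n` in a value becomes a second header on the wire. The header names and the injected value are constructed.

```python
import re

# RFC 9110 field-value characters: HTAB, visible ASCII, SP and obs-text.
# CR, LF and NUL are never allowed, because CRLF terminates a header line.
_VALID_FIELD_VALUE = re.compile(r"^[\t\x20-\x7e\x80-\xff]*$")


def add_header_without_validation(headers: list, name: str, value: str) -> None:
    """Models TryAddWithoutValidation: the value is stored exactly as given."""
    headers.append((name, value))


def add_header_validated(headers: list, name: str, value: str) -> None:
    """Hardened counterpart: refuse any value that could start a new header line."""
    if not _VALID_FIELD_VALUE.match(value):
        raise ValueError(f"illegal character in header value for {name!r}")
    headers.append((name, value))


def serialize(headers: list) -> bytes:
    """Write the header block the way a naive HTTP/1.1 client would."""
    block = b"".join(f"{n}: {v}\r\n".encode("latin-1") for n, v in headers)
    return block + b"\r\n"


def header_lines(raw: bytes) -> list:
    """What the server sees: one header per CRLF-delimited line."""
    return [line.decode("latin-1") for line in raw.split(b"\r\n") if line]


# Constructed attacker input, e.g. a query parameter the application copies
# into a forwarded header without checking it.
INJECTED = "203.0.113.7\r\nX-Admin: true"


def demo_unsafe() -> list:
    """Unvalidated path: the injected CRLF yields a second, attacker-chosen header."""
    headers = []
    add_header_without_validation(headers, "X-Forwarded-For", INJECTED)
    return header_lines(serialize(headers))


def demo_safe() -> bool:
    """Validated path: the same input is rejected before it reaches the wire."""
    headers = []
    try:
        add_header_validated(headers, "X-Forwarded-For", INJECTED)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for line in demo_unsafe():
        print(repr(line))
    print("rejected by validation:", demo_safe())
```

The check to carry into a code review is the regular expression: any header value that originates from user input must be rejected, or at least stripped of CR and LF, before it is handed to an API that promises not to validate it.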