WinVisor – A hypervisor-based emulator for Windows x64 user-mode executables #WinVisor #WindowsEmulation #Hypervisor #X64 #ProofOfConcept https://www.elastic.co/security-labs/winvisor-hypervisor-based-emulator
www.elastic.co
WinVisor – A hypervisor-based emulator for Windows x64 user-mode executables — Elastic Security Labs
WinVisor is a hypervisor-based emulator for Windows x64 user-mode executables that leverages the Windows Hypervisor Platform API to provide a virtualized environment for logging syscalls and enabling memory introspection.
Static Source Code Security Scanning Tools Evaluation Benchmark #StaticCodeSecurity #EvaluationBenchmark #SASTTools #VulnerabilityDetection #SourceCodeSupport https://insbug.medium.com/static-source-code-security-scanning-tools-evaluation-benchmark-26764298f463
Medium
Static Source Code Security Scanning Tools Evaluation Benchmark
Accuracy, Coverage & Integration: A Comprehensive Benchmark for Modern SAST Tools
20 Critical Characteristics of Non-Human Identities You Need to Know #NonHumanIdentities #SecurityChallenges #CredentialManagement #DynamicProvisioning #SecurityStrategies https://www.techdemocracy.com/resources/characteristics-of-non-human-identities-110
TechDemocracy
20 Critical Characteristics of Non-Human Identities
Non-Human Identities (NHIs) are essential for automation but pose unique security challenges requiring tailored management and protection strategies. Know more!
WorstFit: Unveiling Hidden Transformers in Windows ANSI! #WorstFit #WindowsANSI #RedTeam #CVE #SecurityTraining https://devco.re/blog/2025/01/09/worstfit-unveiling-hidden-transformers-in-windows-ansi/
DEVCORE 戴夫寇爾
WorstFit: Unveiling Hidden Transformers in Windows ANSI! | DEVCORE 戴夫寇爾
The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and…
BYOVD to the next level. Blind EDR with Windows Symbolic Link #BYOVD #BlindEDR #WindowsSymbolicLink #ElevatedExploits #NewLevel https://www.zerosalarium.com/2025/01/byovd%20next%20level%20blind%20EDR%20windows%20symbolic%20link.html
Zerosalarium
BYOVD to the next level. Blind EDR with Windows Symbolic Link
A new way to use BYOVD technique. By combining the file-writing capabilities of a driver with Windows symbolic links
New VPN Backdoor #VPNBackdoor #MagicPacket #J-Magic #BackdoorMalware #LuminTechnology https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html
Schneier on Security
New VPN Backdoor - Schneier on Security
A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders.…
Process Hollowing on Windows 11 24H2 #ProcessHollowing #Windows11 #PEloader #RunPE #MalwareAnalysis https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/
hasherezade's 1001 nights
Process Hollowing on Windows 11 24H2
Process Hollowing (a.k.a. RunPE) is probably the oldest, and the most popular process impersonation technique (it allows to run a malicious executable under the cover of a benign process). It is us…
Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591 #FortiRekt #SuperAdminNow #FortiOSBypass #CVE55591 #FortiGateWebVulnerability https://labs.watchtowr.com/get-fortirekt-i-am-the-super_admin-now-fortios-authentication-bypass-cve-2024-55591/
watchTowr Labs
Get FortiRekt, I Am The Super_Admin Now - Fortinet FortiOS Authentication Bypass CVE-2024-55591
Welcome to Monday, and what an excitingly fresh start to the week we're all having.
Grab your coffee, grab your vodka - we're diving into a currently exploited-in-the-wild critical Authentication Bypass affecting foRtinet's (we are returning the misspelling…
A Missed Opportunity: Addressing Weak Password Hashing in VxWorks #WeakPasswordHashing #VxWorks #SecurityVulnerability #VendorResponse #SecurityStandards https://sec-consult.com/blog/detail/a-missed-opportunity-addressing-weak-password-hashing-in-vxworks/
SEC Consult
A Missed Opportunity: Addressing Weak Password Hashing in VxWorks
The security of embedded systems running Real-Time Operating Systems (RTOS) like Wind River VxWorks is vital in high stakes sectors such as OT, defense, and aviation.
Phishing for Refresh Tokens #Phishing #RefreshTokens #AITM #AtticSecurity #Zolder https://zolder.io/blog/phishing-for-refresh-tokens/
Zolder - Applied Security Research
Phishing for Refresh Tokens | Zolder - Applied Security Research
Leveraging AiTM and the OAuth 2.0 authorization code flow to steal access and refresh tokens. A modified AITMWorker is used to steal refresh tokens.
CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI) #CVE-2024-46507 #SSTI #RCE #YetiPlatform #RhinoSecurityLabs https://rhinosecuritylabs.com/research/cve-2024-46507-yeti-server-side-template-injection-ssti/
Rhino Security Labs
CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)
Yeti is a Forensic Intelligence platform and pipeline for DFIR teams. Rhino Security Labs will detail 2 security flaws that, combined, lead to unauthenticated RCE.
NFCToolsGUI: A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS. #NFCToolsGUI #CrossPlatform #PN532 #Windows #LinuxMacOS https://github.com/GSWXXN/NFCToolsGUI
GitHub
GitHub - GSWXXN/NFCToolsGUI: A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS.
A cross-platform program that interacts with PN532, supports Windows, Linux, and macOS. - GSWXXN/NFCToolsGUI
A short Introduction to BloodHound Custom Queries #BloodHound #CustomQueries #ActiveDirectory #CypherQueries #SecurityOperations https://www.8com.de/cyber-security-blog/a-short-introduction-to-bloodhound-custom-queries
www.8com.de
A short Introduction to BloodHound Custom Queries
In this post, we’ll present custom BloodHound queries to find real-world vulnerabilities and misconfigurations in Active Directory networks.
Exploring Heap Exploitation Mechanisms: Understanding the House of Force Technique #HeapExploitation #HouseOfForce #MemoryAllocation #HeapChunks #ReallocationMechanism https://www.darkrelay.com/post/exploring-heap-exploitation-mechanisms-understanding-the-house-of-force-technique
DarkRelay
Exploring Heap Exploitation Mechanisms: Understanding the House of Force Technique
Heap exploitation techniques like House of Force demonstrate the complexities and risks associated with memory management systems.
CRLF injection via TryAddWithoutValidation in .NET #CRLF #Injection #TryAddWithoutValidation #.NET #BinarySecurityAS https://binarysecurity.no/posts/2025/01/tryaddwithoutvalidation
Binary Security AS
CRLF injection via TryAddWithoutValidation in .NET
Binary Security was awarded two CVEs (CVE-2024-45302 and CVE-2024-51501) for header injection vulnerabilities in the RestSharp and Refit .NET libraries. This blog post outlines the research which led to discovering these vulnerabilities.
I Found a Game Exploit That Lets Hackers Take Over Your PC #GameExploit #PCSecurity #RCEVulnerability #PS5Security #GameDevSecurity https://shalzuth.com/Blog/IFoundAGameExploit
Shalzuth
Reverse Engineering: I Found a Game Exploit That Lets Hackers Take Over Your PC
Reverse Engineering: I discovered a serious Remote Code Execution (RCE) vulnerability in a popular game that could let attackers run code on your PC. Watch how I found it, reported it, and what you can do to stay safe.
Live Chat Blog #2: Cisco Webex Connect - Access to millions of chat histories #LiveChatBlog #CiscoWebexConnect #VulnerabilityFound #AccessToCustomerChats #OrionSecurity https://www.ophionsecurity.com/post/cisco-webex-connect-vulnerability-unauthenticated-access-to-all-chats
Ophionsecurity
Live Chat Blog #2: Cisco Webex Connect - Access to millions of chat histories - Ophion Security Publications
In July 2024, we identified a vulnerability that resulted in access to millions of live customer support messages for organizations using Cisco Webex Connect.
SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack #SlackPirate #BeeMovieScript #SpecterOps #RedTeam #WebSecurity https://posts.specterops.io/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack-d9c691ae33f5
Medium
SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack
TLDR: SlackPirate has been defunct for a few years due to a breaking change in how the Slack client interacts with the Slack API. It has a…
Everyone knows your location: tracking myself down through in-app ads #LocationDataLeak #AppTracking #DataBrokers #UserConsent #GeolocationTracking https://timsh.org/tracking-myself-down-through-in-app-ads/
tim.sh
Everyone knows your location
How I tracked myself down using leaked location data in the in-app ads, and what I found along the way.
SLAP (Data Speculation Attacks via Load Address Prediction on Apple Silicon) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions): Apple CPU speculation attacks #SLAP #FLOP #Apple #SpeculativeExecution #DataLeak https://predictors.fail/
predictors.fail
SLAP and FLOP
The SLAP and FLOP Address and Value Prediction Attacks
Ransomware Groups Exploiting Microsoft Teams #RansomwareGroups #ExploitingMicrosoftTeams #GoSecure #Cybersecurity #ProtectYourOrganization https://gosecure.ai/blog/2025/01/22/ransomware-groups-exploiting-microsoft-teams/
GoSecure
24/7 managed detection, response, and expert cybersecurity services - GoSecure
We provide around-the-clock threat detection and incident response, backed by expert consulting to keep your organization secure.