Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Oct 9 2024 @ 4:00 PM
Jonathan Munshaw
A disinformation campaign targets Moldova ahead of presidential elections and EU referendum
Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article with a quick note, I decided to dig a little deeper, and see if I could find a better way to protect against the exploitation of PnP configurations.
Guest post by Nick Galloway, Senior Security Engineer, 20% time on Project Zero
Late in 2023, while working on a 20% project with Projec...
# Class Pollution in Ruby: A Deep Dive into Exploiting Recursive Merges
02 Oct 2024 - Posted by Raúl Miján
## Introduction
In this post, we are going to explore a rarely discussed class of vulnerabilities in Ruby, known as **class pollution**. This concept is inspired by the idea of prototype...
### Summary
OpenTelemetry Collector module [awsfirehosereceiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/awsfirehosereceiver) allows unauthenticated re...
Research by: Jiri Vinopal
Have you ever wondered why there are so many vulnerable drivers and what might be causing them to be vulnerable? Do you want to understand why some drivers are prone to crossing security boundaries and how we can stop that? Vulnerable drivers not only put the system where they are installed at […]
Key takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked into visiting phishing websites that mimic legitimate cryptocurrency platforms. Drainers then initiate fraudulent transactions and deceive users into signing […]
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Sep 25 2024 @ 4:00 PM
Jonathan Munshaw
Introduction DLL Hijacking — a technique for forcing legitimate applications to run malicious code — has been in use for about a decade at least. In this write-up we give a short introduction to the technique of DLL Hijacking, followed by a digest of several dozen documented uses of that technique over the past decade […]
# Fuzzing confused dependencies with Depfuzzer
In the landscape of software development, leveraging open-source libraries and packages through registries like NPM, PyPI, Go modules, and Crates for Rust has become standard practice. This approach facilitates the rapid integration of diverse...
# Presentations
_Speakers: Farzan Karimi, Xuan Xing, Eugene Rodionov, Christopher Cole_
Demonstration of Code Execution in the Titan M2 and Android Bootloader
_Speakers: Eugene Rodionov, Will Deacon_
Red Team methodologies used to secure attack surface on the pKVM hypervisor....
# About
The Android Red Team, comprised of security engineers and developers, aims to safeguard Android users by identifying and mitigating critical vulnerabilities before they are exploited. Our team accomplishes this by replicating the tactics and techniques used by attackers, as well as...
The ChatGPT iOS and macOS versions were vulnerable to persistent data exfiltration. This is the story behind finding the issue and getting it fixed.
In this post, we demonstrate two techniques allowing a low privileged user to escalate their privileges to root in case they can run iptables and/or iptables-save as
On June 11th, 2024, we discovered a set of vulnerabilities in Kia vehicles that allowed remote control over key functions using only a license plate. These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription.
# Binder Internals
# Table of Contents
In our last blog, we talked about Binder CVE-2023-20938 and how we exploited it to get kernel code execution. As you may have already noticed, exploiting this issue is not straightforward. While it is often true that kernel race conditions are notoriously...
# Applying Security Engineering to Make Phishing Harder - A Case Study
19 Sep 2024 - Posted by Szymon Drosdzol
# Introduction
Recently Doyensec was hired by a client offering a “Communication Platform as a Service”. This platform allows their clients to craft a customer service experience...
## Summary:
Hello Team,
When an invalid email address/password is entered, the Web Application will not authenticate the user. But nevertheless, it is conceivable for an attacker to get around authentication and log in as anyone else, leading to Complete Account Takeover.
## Steps To...
# Defend against vampires with 10 gbps network encryption
Discover how attackers can sniff your data on network cables and how you can defend against it, by encrypting on-the-fly all your ethernet traffic with very good performance.
keywords : wireguard, vxlan, tapping, fiber optics, lan2lan,...
### Summary
An attacker with network access to a XC-303 PLC running firmware below 3.5.17 Bugfix 1 can login as root over SSH. The root password is hardcoded in the firmware.
### Severity
Crit...
Veaty and Spearal, a new set of malware connected to Iranian sources, were found attacking Iraqi governmental infrastructures
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Sep 11 2024 @ 8:59 AM
Jonathan Munshaw
Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries.
Summary
What started out as a bit of fun between colleagues while avoiding the Vegas heat and $20 bottles of water in our Black Hat hotel rooms - has now seemingly become a major incident.
We recently performed research that started off "well-intentioned" (or as well-intentioned as we ever are) - to make vulnerabilities in WHOIS clients and how they parse responses from WHOIS server
Every sysadmin is familiar with Veeam’s enterprise-oriented backup solution, ‘Veeam Backup & Replication’. Unfortunately, so is every ransomware operator, given its somewhat 'privileged position' in the storage world of most enterprises' networks. There's no point deploying cryptolocker malware on a target unless you can also deny access to backups, and so, this class of attackers absolutely loves to break this particular software.
With so many eyes focussed on it, then, it is no huge surprise
## Summary: ##
After initiating a purchase claim, when sending chat messages it is possible to include HTML tags resulting in Stored XSS.
## Description: ##
The following request adds a comment with the XSS payload:
````
POST...
````
# FreeBSD 11.0+ Kernel LPE: Userspace Mutexes (umtx) Use-After-Free Race Condition
chris
## Introduction
Since 11.0-RELEASE, the FreeBSD kernel contained a race condition vulnerability
in the `_umtx_op` syscall leading to an exploitable use-after-free. It affects up
to and including the latest...