AMD Will Release CPU Microcode Updates for Spectre Flaw This Week
https://www.bleepingcomputer.com/news/hardware/amd-will-release-cpu-microcode-updates-for-spectre-flaw-this-week/

AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw. [...]

How to Attract More Women Into Cybersecurity - Now
https://www.darkreading.com/careers-and-people/how-to-attract-more-women-into-cybersecurity---now/d/d-id/1330816?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

A recent survey finds a number of attributes women seek in their careers can be found in a cybersecurity profession - the dots just need to be connected.

NEW PYTHON-BASED CRYPTO-MINER BOTNET FLYING UNDER THE RADAR
https://f5.com/labs/articles/threat-intelligence/malware/new-python-based-crypto-miner-botnet-flying-under-the-radar?sf178360556=1

Slui File Handler Hijack UAC bypass (fileless), works from Windows 8 up to Windows 10 RS4 17074

https://github.com/bytecode-77/slui-file-handler-hijack-privilege-escalation

Linux and Windows Servers Targeted with RubyMiner Malware
https://www.bleepingcomputer.com/news/security/linux-and-windows-servers-targeted-with-rubyminer-malware/

Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers. [...]

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com
https://krebsonsecurity.com/2018/01/canadian-police-charge-operator-of-hacked-password-service-leakedsource-com/

Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com.

OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert noscripts to an obfuscated noscript.

Shellcodes are small codes in Assembly language which could be used as the payload in software exploitation. Other usages are in malware, bypassing antivirus software, obfuscating code for protection and so on.
This software can be run on Windows/Linux/OSX under Python.
Why use OWASP ZSC Obfuscated Code Generator Tool
Another good reason for obfuscating files or generating shellcode with ZSC is that it can be used for pen-testing assignments.
Read the rest of OWASP ZSC – Obfuscated Code Generator Tool now! Only available at Darknet. (https://www.darknet.org.uk/2018/01/owasp-zsc-obfuscated-code-generator-tool/)

Damn Vulnerable ARM Router
http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html?m=1

CSRF in Oculus-Facebook

https://www.josipfranjkovic.com/blog/hacking-facebook-oculus-integration-csrf

Linux kernel ioctls race condition -> use after free

Upstream : https://github.com/torvalds/linux/commit/b3defb791b26ea0683a93a4f49c77ec45ec96f10

call stack:

thread a:
-> snd_seq_write
   -> snd_seq_client_enqueue_event 
      -> snd_seq_event_dup
         -> snd_seq_cell_alloc
            -> schedule -> thread b

thread b:
-> snd_seq_ioctl_set_client_pool
   -> snd_seq_pool_mark_closing    (set closeing to 1)
   -> snd_seq_queue_client_leave_cells  (release cell)
      -> wake_up -> thread a

thread a:
-> snd_seq_ioctl_set_client_pool
   -> snd_seq_pool_mark_closing    (set closeing to 1 again)
   -> snd_seq_queue_client_leave_cells  (already release cell by thread b)
   -> snd_seq_pool_done    (release pool and allocate new pool, 2cd pool;
                set closeing to 0)
-> snd_seq_write
   -> snd_seq_client_enqueue_event 
      -> snd_seq_event_dup
         -> snd_seq_cell_alloc
            -> schedule -> thread b

thread b:
   back to snd_seq_queue_client_leave_cells, after func wake_up
   -> snd_seq_queue_client_leave_cells
   -> snd_seq_pool_done    (release pool and allocate new pool, 3rd pool;
             set closeing to 0)
      (leave 2cd pool's cell unhandled)
      -> wake_up -> thread a:

thread a:
-> snd_seq_cell_alloc:
   while (pool->free == NULL && ! nonblock && ! pool->closing)
   meet dead loop, now pool in thread a is the 2cd pool, has been released,
   now is a wild pointer.

[Digikala] Infinity loop client side bug,

Just for fun!

#Google #XSS by Coltuneac Alexandru

https://github.com/fireeye/flare-vm

flare-vm is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc.

Exobot Author Calls It Quits and Sells Off Banking Trojan Source Code
https://www.bleepingcomputer.com/news/security/exobot-author-calls-it-quits-and-sells-off-banking-trojan-source-code/

Things are about to get a lot worse for Android users after the source code of a highly advanced Android banking trojan has been sold to different parties on a well-known hacking forum. [...]

Linux Kernels 4.14.14, 4.9.77, 4.4.112, and 3.18.92 Released with Security Fixes [Meltdown and Spectre patches in the Linux kernel]


http://news.softpedia.com/news/linux-kernels-4-14-14-4-9-77-4-4-112-and-3-18-92-released-with-security-fixes-519427.shtml

Pivot, Exploit, Death by Firewall |
https://warroom.securestate.com/portfowarding-pivoting/

Source code test shellcode by Jems forshow of google project zero

https://github.com/raminfp/shellcode