Safari 14.1 shipped in late April with many new features, including its long-awaited implementation of AudioWorklets. Shortly after, a commit landed in WebKit, fixing an AudioWorklet bug which “crashes Safari”. As it turns out, this is an exploitable type…

Using CVE-2021-21551 as an example, learn how adversaries approach weaponizing vulnerabilities, and the technologies that work best to mitigate their tactics.

Socials Twitter: https://twitter.com/Mako_Sec GitHub: https://github.com/MakoSec
Materials Used x64 Debugger https://x64dbg.com/#start
Frida https://frida.re/
Sysinternals https://docs.microsoft.com/en-us/sysinternals/downloads/
Unhooking DLL…

Discord is the easiest way to communicate over voice, video, and text. Chat, hang out, and stay close with your friends and communities.

Introduction During a recent client engagement we discovered an argument injection vulnerability in certain configurations of Refinery CMS. Upon further investigation, it was understood that the root cause of this issue existed in the Ruby Gem Dragonfly,…

Last year our team had to analyze V8 bytecode. Back then, there were no tools in place to decompile such code and facilitate convenient navigation over it. We decided to try writing a processor module for the Ghidra framework. Thanks to the features of the…

Encryption tool that's heavily inspired by the Rubberhose file system (https://en.wikipedia.org/wiki/Rubberhose_(file_system)). - GitHub - Cookie04DE/Sekura: Encryption tool that's ...

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

Join the journey into Plone CMS that lead us to discover an authenticated RCE vulnerability

Six months ago the UK’s Glastonbury Town Council set up a 5g Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. […]

Preface Today we’ll talk about the misuse of .LNK trigger keys as a means of achieving initial access and persistence. I first heard about this topic myself ...

Claroty has found a memory protection bypass vulnerability in Siemens SIMATIC S7-1200 and S7-1500 PLCs that enables native code execution.

Standalone client for proxies of Opera VPN. Contribute to Snawoot/opera-proxy development by creating an account on GitHub.

Contribute to google/hammer-kit development by creating an account on GitHub.

Side-channel file transfer between independent VMs or processes executed on the same physical host. - GitHub - pavel-kirienko/cpu-load-side-channel: Side-channel file transfer between independent V...

You probably already have encountered document converting features that deal with ImageMagick during engagements but for some reason you were not able to exploit them. This article will mention some t

Contribute to alt3kx/CVE-2021-21985_PoC development by creating an account on GitHub.

Background


In Feb 2021, we came across an ELF sample using some CWP’s Ndays exploits, we did some analysis, but after checking with a partner who has some nice visibility in network traffic in some China areas, we discovered there is literarily 0 hit for…