Rip Raw - A tool to analyse the memory of compromised Linux systems.
https://ift.tt/3g3k4is
Submitted January 28, 2022 at 11:11PM by 0x636f6f6c
via reddit https://ift.tt/3o75ATk
https://ift.tt/3g3k4is
Submitted January 28, 2022 at 11:11PM by 0x636f6f6c
via reddit https://ift.tt/3o75ATk
GitHub
GitHub - cado-security/rip_raw: Rip Raw is a small tool to analyse the memory of compromised Linux systems.
Rip Raw is a small tool to analyse the memory of compromised Linux systems. - GitHub - cado-security/rip_raw: Rip Raw is a small tool to analyse the memory of compromised Linux systems.
Pivoting with SSH Tunnels and Plink
https://ift.tt/3KUXfMf
Submitted January 29, 2022 at 12:23AM by m_edmondson
via reddit https://ift.tt/3r8NVfJ
https://ift.tt/3KUXfMf
Submitted January 29, 2022 at 12:23AM by m_edmondson
via reddit https://ift.tt/3r8NVfJ
Marcus Edmondson | Threat Hunting | Information Security
Pivoting with SSH Tunnels and Plink
Today I wanted to do a blog post on pivoting with SSH tunnels and using Plink to forward connections to other computers, once you have a foothold in an environment. For this scenario, I used two Vi…
Detecting and mitigating CVE-2021-4034: “Pwnkit” local privilege escalation
https://ift.tt/3rXA4bn
Submitted January 29, 2022 at 04:50AM by MiguelHzBz
via reddit https://ift.tt/3ILlUkj
https://ift.tt/3rXA4bn
Submitted January 29, 2022 at 04:50AM by MiguelHzBz
via reddit https://ift.tt/3ILlUkj
Sysdig
Detecting and mitigating CVE-2021-4034: “Pwnkit” local privilege escalation – Sysdig
Local privilege escalation bug in SUID-set program ‘pkexec’. CVE-2021-4034 and nicknamed “pwnkit” by the vulnerability finders.
Apple iCloud / iMessage has a bug that may leave you vulnerable to a data breach
https://ift.tt/oqmS9yAhM
Submitted January 30, 2022 at 07:46AM by offthegridit
via reddit https://ift.tt/KNf7UAJIE
https://ift.tt/oqmS9yAhM
Submitted January 30, 2022 at 07:46AM by offthegridit
via reddit https://ift.tt/KNf7UAJIE
offthegridit
Messaging Bug
We provide on-site and remote computer repair, IT Consulting, Mac, PC, Linux, and network support. Yes we make WiFi better!
Apple iCloud / iMessage security vulnerability
https://ift.tt/Jdq3Ybu0T
Submitted January 30, 2022 at 07:27AM by offthegridit
via reddit https://ift.tt/lLsrOGKiA
https://ift.tt/Jdq3Ybu0T
Submitted January 30, 2022 at 07:27AM by offthegridit
via reddit https://ift.tt/lLsrOGKiA
CVE-2022-0329 and the problems with automated vulnerability management
https://ift.tt/P0oVW6qRa
Submitted January 30, 2022 at 09:02AM by Most-Loss5834
via reddit https://ift.tt/z09iDORe7
https://ift.tt/P0oVW6qRa
Submitted January 30, 2022 at 09:02AM by Most-Loss5834
via reddit https://ift.tt/z09iDORe7
Intro to Embedded RE Part 3: UART Discovery and Firmware Extraction via UBoot
https://ift.tt/C0zFKedjq
Submitted January 31, 2022 at 03:36AM by wrongbaud
via reddit https://ift.tt/EkrvJZXOT
https://ift.tt/C0zFKedjq
Submitted January 31, 2022 at 03:36AM by wrongbaud
via reddit https://ift.tt/EkrvJZXOT
reddit
Intro to Embedded RE Part 3: UART Discovery and Firmware...
Posted in r/netsec by u/wrongbaud • 1 point and 1 comment
A story of leaking uninitialized memory from Fastly
https://ift.tt/eZylaMAKb
Submitted January 31, 2022 at 08:12PM by albinowax
via reddit https://ift.tt/wGM3N5csQ
https://ift.tt/eZylaMAKb
Submitted January 31, 2022 at 08:12PM by albinowax
via reddit https://ift.tt/wGM3N5csQ
Medium
A story of leaking uninitialized memory from Fastly
The post go through a QUIC (HTTP/3) implementation bug in the H2O webserver. The bug is interesting as it affected Fastly, a well-known…
TrendNET AC2600 RCE from the Internet
https://ift.tt/WYvQXbnLc
Submitted January 31, 2022 at 08:09PM by dinobyt3s
via reddit https://ift.tt/1IQ4CqDnM
https://ift.tt/WYvQXbnLc
Submitted January 31, 2022 at 08:09PM by dinobyt3s
via reddit https://ift.tt/1IQ4CqDnM
Medium
TrendNET AC2600 RCE via WAN
This blog provides a walkthrough of how to gain RCE on the TrendNET AC2600 (model TEW-827DRU specifically) consumer router via the WAN…
Reverse Engineering 3201: Symbolic Analysis
https://ift.tt/kVsAZ367p
Submitted January 31, 2022 at 08:56PM by OpenSecurityTraining
via reddit https://ift.tt/qYPaxuSOX
https://ift.tt/kVsAZ367p
Submitted January 31, 2022 at 08:56PM by OpenSecurityTraining
via reddit https://ift.tt/qYPaxuSOX
p.ost2.fyi
Reverse Engineering 3201: Symbolic Analysis
This class is an introduction to Symbolic Analysis and Execution of binaries. It requires you to know x86-64 assembly, and be comfortable with Python3 programming.
RCE and Auth Bypass in Aqua Illumination Hydra Series Aquarium Lights
https://ift.tt/Vr6LeHviM
Submitted January 31, 2022 at 09:50PM by laransec
via reddit https://ift.tt/pd4SnU0VC
https://ift.tt/Vr6LeHviM
Submitted January 31, 2022 at 09:50PM by laransec
via reddit https://ift.tt/pd4SnU0VC
GitHub
GitHub - Laransec/AIHydra: Exploit Writeup and POC for AI Hydra 26 (and probably 52) series lights
Exploit Writeup and POC for AI Hydra 26 (and probably 52) series lights - GitHub - Laransec/AIHydra: Exploit Writeup and POC for AI Hydra 26 (and probably 52) series lights
Don't trust comments
https://ift.tt/mlK1iWjy8
Submitted February 01, 2022 at 03:00AM by crower
via reddit https://ift.tt/Z5f3ykM0r
https://ift.tt/mlK1iWjy8
Submitted February 01, 2022 at 03:00AM by crower
via reddit https://ift.tt/Z5f3ykM0r
nns.ee
Don't trust comments
And habitually review the third party code you're using - even when it's in thestandard library.
Analyzing Malware with Hooks, Stomps and Return-addresses
https://ift.tt/Den4rtm0g
Submitted February 01, 2022 at 05:19AM by jat0369
via reddit https://ift.tt/waWCtLRqc
https://ift.tt/Den4rtm0g
Submitted February 01, 2022 at 05:19AM by jat0369
via reddit https://ift.tt/waWCtLRqc
Cyberark
Analyzing Malware with Hooks, Stomps and Return-addresses
Table of Contents Introduction The First Detection The Module Stomp Bypass The Module Stomp Detection Final Thoughts Introduction This is the second post in my series and with this post we will...
Remote root vulnerability for Samba (CVE 2021-44142)
https://ift.tt/fzPuWyKw2
Submitted February 01, 2022 at 12:52PM by lormayna
via reddit https://ift.tt/1Q7LkjUhD
https://ift.tt/fzPuWyKw2
Submitted February 01, 2022 at 12:52PM by lormayna
via reddit https://ift.tt/1Q7LkjUhD
reddit
Remote root vulnerability for Samba (CVE 2021-44142)
Posted in r/netsec by u/lormayna • 208 points and 33 comments
Domain Escalation – Machine Accounts
https://ift.tt/dYZ1Kt8S4
Submitted February 01, 2022 at 06:18PM by netbiosX
via reddit https://ift.tt/lShN9OWDQ
https://ift.tt/dYZ1Kt8S4
Submitted February 01, 2022 at 06:18PM by netbiosX
via reddit https://ift.tt/lShN9OWDQ
Penetration Testing Lab
Domain Escalation – Machine Accounts
The pass the hash technique is not new and it was usually used for lateral movement on the network in scenarios where the administrator password hash could not be cracked due to complexity or asses…
Using PwnKit-Hunter to check for CVE-2021-4034 Vulnerable Systems
https://ift.tt/spKRnVEWB
Submitted February 01, 2022 at 08:23PM by jat0369
via reddit https://ift.tt/zboBqWiXE
https://ift.tt/spKRnVEWB
Submitted February 01, 2022 at 08:23PM by jat0369
via reddit https://ift.tt/zboBqWiXE
Cyberark
Checking for Vulnerable Systems for CVE-2021-4034 with PwnKit-Hunter
What is PwnKit Vulnerability CVE-2021-4034? On January 25th, 2022, a critical vulnerability in polkit’s pkexec was publicly disclosed (link). The Qualys research team named this vulnerability...
New Hybrid Campaign OiVaVoii Uses Malicious OAuth Apps | Cyware Hacker News
https://ift.tt/kn4xCodXu
Submitted February 02, 2022 at 01:19AM by ITlocknkey
via reddit https://ift.tt/zFvgaeYf3
https://ift.tt/kn4xCodXu
Submitted February 02, 2022 at 01:19AM by ITlocknkey
via reddit https://ift.tt/zFvgaeYf3
Cyware Labs
New Hybrid Campaign OiVaVoii Uses Malicious OAuth Apps | Cyware Hacker News
OiVaVoii is targeting general managers and company executives with malicious OAuth apps and custom phishing messages sent from hijacked Microsoft Office 365 accounts.
Inside Trickbot, Russia’s Notorious Ransomware Gang
https://ift.tt/dA8gl9zwh
Submitted February 02, 2022 at 02:50AM by CyberMasterV
via reddit https://ift.tt/0hLK1sfab
https://ift.tt/dA8gl9zwh
Submitted February 02, 2022 at 02:50AM by CyberMasterV
via reddit https://ift.tt/0hLK1sfab
WIRED UK
Inside Trickbot, Russia’s Notorious Ransomware Gang
Internal messages WIRED has viewed shed new light on the operators of one of the world's biggest botnets.
Periodic security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
https://ift.tt/n8TsCXvl1
Submitted February 02, 2022 at 08:40AM by mymalema
via reddit https://ift.tt/GbsS4mfAy
https://ift.tt/n8TsCXvl1
Submitted February 02, 2022 at 08:40AM by mymalema
via reddit https://ift.tt/GbsS4mfAy
GitHub
GitHub - TalEliyahu/awesome-security-newsletters: Periodic cyber security newsletters that capture the latest news, summaries of…
Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attac...
Hacking Google Drive Integrations
https://ift.tt/tZYmN1748
Submitted February 02, 2022 at 08:21PM by albinowax
via reddit https://ift.tt/DXIxslomr
https://ift.tt/tZYmN1748
Submitted February 02, 2022 at 08:21PM by albinowax
via reddit https://ift.tt/DXIxslomr
GitHub
writeups/Hacking-Google-Drive-Integrations.md at main · httpvoid/writeups
Contribute to httpvoid/writeups development by creating an account on GitHub.
Using Power Automate for Covert Data Exfiltration in Microsoft 365
https://ift.tt/wsPA3eLua
Submitted February 03, 2022 at 12:59AM by rsobers
via reddit https://ift.tt/wct1N6id5
https://ift.tt/wsPA3eLua
Submitted February 03, 2022 at 12:59AM by rsobers
via reddit https://ift.tt/wct1N6id5
Varonis
Using Power Automate for Covert Data Exfiltration in Microsoft 365
How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.