DOing Harm
https://ift.tt/8l4gqoN
Submitted May 03, 2022 at 07:31AM by netsecfriends
via reddit https://ift.tt/JoV6Bzg
remyhax.xyz
DOing Harm
There’s this thing called Windows Delivery Optimization which allows “you to get Windows updates and Microsoft Store apps from sources in addition to Microsoft, like other PCs on your local network, or PCs on the internet that are downloading the same files.”
Hacking a Bank by Finding a 0day in dotCMS
https://ift.tt/vTHxd7V
Submitted May 03, 2022 at 01:47PM by Mempodipper
via reddit https://ift.tt/a25vMEA
Zyxel firmware extraction and password analysis
https://ift.tt/oClFWGK
Submitted May 03, 2022 at 04:13PM by 0xdea
via reddit https://ift.tt/plKUb9X
hn security
Zyxel firmware extraction and password analysis - hn security
Backstory During a red teaming exercise […]
AvosLocker Ransomware Variant Abuses Avast Anti-Rootkit Driver File to Disable Anti-Virus
https://ift.tt/EyNlA4d
Submitted May 03, 2022 at 06:29PM by campuscodi
via reddit https://ift.tt/ASL735W
Trend Micro
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions.
Compromising Read-Only Containers with Fileless Malware
https://ift.tt/79XAFwS
Submitted May 03, 2022 at 09:41PM by MiguelHzBz
via reddit https://ift.tt/zYbXxoe
Sysdig
Compromising read-only containers with fileless malware – Sysdig
A read-only file system will not provide adequate protection to mitigate all vulnerabilities exploited via fileless malware techniques.
New update from Google's Threat Analysis Group finds numerous APTs running campaigns in Ukraine and Est. Europe, including Fancy Bear (Russia), Ghostwriter (Belarus) and Curious Gorge (China).
https://ift.tt/KlnHqX3
Submitted May 03, 2022 at 09:57PM by Ramsey_Power
via reddit https://ift.tt/7iLh8eW
Google
Update on cyber activity in Eastern Europe
An update on cyber activity in eastern Europe.
Privilege escalation vulnerabilities discovered in Linux known as Nimbuspwn
https://ift.tt/lIgqtYU
Submitted May 03, 2022 at 11:51PM by sciencestudent99
via reddit https://ift.tt/EGkZF5f
FourCore
Privilege escalation vulnerabilities discovered in Linux known as Nimbuspwn - FourCore
Microsoft has disclosed a group of vulnerabilities in Linux known as Nimbuspwn that allows attackers to gain root privileges on a vulnerable system. Find out if you are vulnerable.
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
https://ift.tt/ygLvsbc
Submitted May 04, 2022 at 01:34AM by 39816561
via reddit https://ift.tt/xQLgRsc
Nozominetworks
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
Nozomi Networks Labs has disclosed an unpatched vulnerability affecting the DNS of popular C standard libraries potentially in use by millions of IoT devices: uClibc and uClibc-ng.
Responsible Disclosure: 6000 Vulnerability Submissions Later
https://ift.tt/GZTv5cm
Submitted May 04, 2022 at 01:55AM by ibuydan
via reddit https://ift.tt/lc0kKQw
Useful Security Tools and Resources for Digital Forensics
https://ift.tt/DPZWlJp
Submitted May 04, 2022 at 04:41AM by Khaotic_Kernel
via reddit https://ift.tt/ZeVP1UG
GitHub
GitHub - mikeroyal/Digital-Forensics-Guide: Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile…
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. - GitHub - mikeroyal/Digital-Forensics-Guide: Dig...
Exploiting Dynamic Linking Procedure In x64 ELF Binaries
https://ift.tt/xZprTdb
Submitted May 04, 2022 at 10:23AM by paran0ide
via reddit https://ift.tt/0YSONCr
Syst3m Failure
Ret2dl_resolve x64: Exploiting Dynamic Linking Procedure In x64 ELF Binaries
In this article, we will start by analyzing the lazy binding process, proceed to dissecting dl-runtime, understand when it is possible to use this technique without a leak, and finally build our exploit.
Themes from Real World Crypto 2022
https://ift.tt/Gkr1Kba
Submitted May 04, 2022 at 11:05AM by yossarian_flew_away
via reddit https://ift.tt/09EwvNb
Trail of Bits Blog
Themes from Real World Crypto 2022
By William Woodruff Last week, over 500 cryptographers from around the world gathered in Amsterdam for Real World Crypto 2022, meeting in person for the first time in over two years. As in previous…
Authenticating with certificates when PKINIT is not supported
https://ift.tt/bT03Vom
Submitted May 04, 2022 at 06:09PM by the-useless-one
via reddit https://ift.tt/xFN4InE
reddit
Authenticating with certificates when PKINIT is not supported
Posted in r/netsec by u/the-useless-one • 74 points and 0 comments
Shady economics of proxy services
https://ift.tt/kWi2Vcm
Submitted May 04, 2022 at 07:00PM by rushter_
via reddit https://ift.tt/ulikPe0
Artem Golubin
Shady economics of proxy services
This article explains shady economics of proxy services — its users and suppliers.
UNC3524: Eye Spy on Your Email
https://ift.tt/cv1ReOX
Submitted May 03, 2022 at 02:10AM by mattjayy
via reddit https://ift.tt/xWjV9Hy
Mandiant
UNC3524: Eye Spy on Your Email | Mandiant
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
https://ift.tt/M1QkLpT
Submitted May 05, 2022 at 02:15PM by digicat
via reddit https://ift.tt/XzpujdS
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
The curious case of mavinject.exe
https://ift.tt/QjFLvDA
Submitted May 05, 2022 at 08:27PM by sciencestudent99
via reddit https://ift.tt/xBVLbWI
FourCore
The curious case of mavinject.exe
Mavinject, described as Microsoft Application Visualisation Injector, is a signed Microsoft executable that can be abused to perform arbitrary code injections inside any running process.
A Deep Dive into AvosLocker Ransomware
https://ift.tt/gfaDJrY
Submitted May 05, 2022 at 08:16PM by CyberMasterV
via reddit https://ift.tt/FoLg7rH
An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
https://ift.tt/LNyrQug
Submitted May 05, 2022 at 11:24PM by ajohnston9
via reddit https://ift.tt/MtImjo3
www.mitiga.io
An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound…
From KBs to CVEs: Understanding the Relationships Between Windows Security Updates and Vulnerabilities
https://ift.tt/Td64RkL
Submitted May 06, 2022 at 02:09AM by derp6996
via reddit https://ift.tt/T5Pls8N
Fuzzing ClamAV with real malware samples
https://ift.tt/WfzhX8p
Submitted May 06, 2022 at 11:14AM by mmmds
via reddit https://ift.tt/Fpi5cOu
reddit
Fuzzing ClamAV with real malware samples
Posted in r/netsec by u/mmmds • 67 points and 2 comments