We Love Relaying Credentials: A Technical Guide to Relaying Credentials Everywhere
https://ift.tt/neGO1rN
Submitted May 18, 2022 at 12:27AM by mgalloar
via reddit https://ift.tt/C8MnhWi
SecureAuth
We Love Relaying Credentials: A Technical Guide to Relaying Credentials Everywhere
A guide to relaying credentials everywhere in 2022. NTLM relay is a well-known technique that has been with us for many years and never seems to go away. Almost every article about NTLM relay could start with that phrase. It could be a cliché but it’s almost…
Stealing Google Drive OAuth tokens from Dropbox
https://ift.tt/FU16xvG
Submitted May 18, 2022 at 01:48AM by staz0t
via reddit https://ift.tt/R28tPBj
Stazot
Sivanesh Ashok
Blog about bug bounty and infosec research
TProxy: Wireshark dissection with manual and noscripted interception
https://ift.tt/5NPbKgZ
Submitted May 18, 2022 at 10:25AM by mexicanw
via reddit https://ift.tt/xDcfqwp
Reddit
From the netsec community on Reddit: TProxy: Wireshark dissection with manual and noscripted interception
Posted by mexicanw - 21 votes and 5 comments
Wizard Spider hacking group detailed analysis
https://ift.tt/AetzjWn
Submitted May 18, 2022 at 06:22PM by wtfse
via reddit https://ift.tt/T5gRqat
Variant Cloud Analysis
https://ift.tt/lWUJ2w5
Submitted May 18, 2022 at 07:53PM by Gallus
via reddit https://ift.tt/xVHk1o4
jspin.re - Keep hacking!
Variant Cloud Analysis
Another yet quick blog post. A few years ago, 3 or 4, maybe 5, I was "working" with @marcioalm in a "Simple Web Vulnerability Scanner" tool intended to be part of an automation vulnerability check for a large and specific environment. Keep in mind that adventure…
Anonymous Social Network Yik Yak Breached Precise GPS Locations
https://ift.tt/wJEx0qT
Submitted May 19, 2022 at 02:16AM by mkdtsh
via reddit https://ift.tt/E8bWa7r
Medium
Yik Yak Vulnerability Exposed Precise GPS Locations: Analysis
Yik Yak app contained a sensitive information disclosure vulnerability that could allow an attacker to de-anonymize the user’s…
Killnet Attacks Against Italy and NATO Countries
https://ift.tt/jw2GJ1O
Submitted May 19, 2022 at 03:20PM by MiguelHzBz
via reddit https://ift.tt/oGpMhwL
Sysdig
Killnet cyber attacks against Italy and NATO countries – Sysdig
The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco
Exploiting an Unbounded memcpy in a Guest-to-Host escape of Parallels Desktop
https://ift.tt/PAjTLHv
Submitted May 19, 2022 at 08:39PM by gaasedelen
via reddit https://ift.tt/9GETu32
RET2 Systems Blog
Exploiting an Unbounded memcpy in Parallels Desktop
This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://ift.tt/aoPV2UX
Submitted May 19, 2022 at 09:56PM by SCI_Rusher
via reddit https://ift.tt/kFYvW8K
Microsoft News
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware's capabilities and key infection signs.
Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis
https://ift.tt/iBLW8xm
Submitted May 20, 2022 at 12:49AM by Rempah
via reddit https://ift.tt/sbd84Hj
Netbytesec
Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis
This post was authored by Taqi and Rosamira
Hack The Box - Timing - Writeup by Mădălin Dogaru
https://ift.tt/xCf5aR7
Submitted May 19, 2022 at 12:30AM by Madalin_Dogaru
via reddit https://ift.tt/sk5S087
Sentientchip
Timing - HTB Writeup
how to hack timing on hack the box
A journey into IoT - Unknown Chinese alarm - Part 2 - Firmware dump and analysis
https://ift.tt/Dk5i2C0
Submitted May 20, 2022 at 01:56PM by 0xdea
via reddit https://ift.tt/Tq6jupz
hn security
A journey into IoT - Unknown Chinese alarm - Part 2 - Firmware dump and analysis - hn security
Disclaimer: as many other security researchers […]
Hacking Chinese IoT FoR $10000
https://ift.tt/AgNXp2W
Submitted May 21, 2022 at 12:47AM by sciencestudent99
via reddit https://ift.tt/tYVIJBH
Bits & Signals: Qatar International Cybersecurity Competition
Bits & Signals: Qatar International Cybersecurity Competition :: silly onions — Opinionated articles
TL;DR: Al Capwn goes international! We won the second prize hacking hardware with our 15$ (1000 INR) SDR and Logic Analyzer in Doha, Qatar! In October 2019, Members of Al Capwn flew from New Delhi, India to Doha, Qatar to attend Qatar International Cybersecurity…
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://ift.tt/b4Uxv0h
Submitted May 21, 2022 at 04:49AM by Bison-Neat
via reddit https://ift.tt/WjJNBzc
GitHub
GitHub - QiuhaoLi/CVE-2021-3929-3947: Recursive MMIO VM Escape PoC
Recursive MMIO VM Escape PoC.
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://ift.tt/DACQoua
Submitted May 21, 2022 at 03:52AM by guedou
via reddit https://ift.tt/ncuFpZs
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://ift.tt/N1xD2wu
Submitted May 21, 2022 at 04:49PM by Josephilo
via reddit https://ift.tt/qbrt6MX
Metastealer – filling the Racoon void
https://ift.tt/iMRIoGT
Submitted May 21, 2022 at 08:00PM by digicat
via reddit https://ift.tt/B3E1d8O
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
connmap - X11 desktop widget that shows location of your current network peers on a world map
https://ift.tt/5whR2DP
Submitted May 23, 2022 at 12:05AM by jafarlihi
via reddit https://ift.tt/2hAVc3F
GitHub
GitHub - jafarlihi/connmap: connmap is an X11 desktop widget that shows location of your current network peers on a world map
connmap is an X11 desktop widget that shows location of your current network peers on a world map
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
https://ift.tt/kAmZ6wS
Submitted May 23, 2022 at 10:33AM by 0xdea
via reddit https://ift.tt/wsY0PrM
Connor McGarr’s Blog
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
I wrote this more from an "analyze rootkit" perspective, but it's equally as valid for "driver bug hunting". Hope you enjoy.
https://ift.tt/YfSwbE9
Submitted May 23, 2022 at 02:06PM by 0x4ndr3
via reddit https://ift.tt/SdwYuoN
Medium
Starting dynamic analysis on a Windows x64 rootkit
In this blog post, we will be operating under the assumption that you have retrieved a Windows kernel rootkit sample and want to breakpoint…
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://ift.tt/DoAhBIy
Submitted May 23, 2022 at 08:56PM by 0xmusana
via reddit https://ift.tt/OoRQ84L
GitHub
GitHub - musana/mx-takeover: mx-takeover focuses DNS MX records and detects misconfigured MX records.
mx-takeover focuses DNS MX records and detects misconfigured MX records.