Traversing the Path to RCE (Bug Bounty)
https://ift.tt/2wnfzYE
Submitted August 28, 2018 at 04:38AM by chocoluvin
via reddit https://ift.tt/2MAbU4P
∞ Growing Web Security Blog
Traversing the Path to RCE
This post will detail the steps I took to find a path traversal vulnerability, and how I paired the vulnerability with the logic of the application to achieve Remote Code Execution through a shell …
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
https://ift.tt/2PJxVvN
Submitted August 28, 2018 at 11:38AM by 0xdea
via reddit https://ift.tt/2BOFqil
www.kb.cert.org
Vulnerability Note VU#906424 - Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC…
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
Tracking Down Malware by Analyzing Beacon Traffic
https://ift.tt/2w7PxcU
Submitted August 28, 2018 at 02:15PM by CyberBullets
via reddit https://ift.tt/2oe4Fkq
Active Countermeasures
Beacon Analysis - The Key to Cyber Threat Hunting - Active Countermeasures
Beacon analysis is by far the most effective method of threat hunting your network. In fact, I would argue that if you are not checking your network for beacon activity, you have a huge gap in your defenses that attackers will happily leverage. In this two…
Gmail Android app insecure Network Security Configuration
https://ift.tt/2NqjhIw
Submitted August 28, 2018 at 03:50PM by clviper
via reddit https://ift.tt/2PIgMmh
From Compiler Optimization to Code Execution - VirtualBox VM Escape - CVE-2018-2844
https://ift.tt/2NnD6jr
Submitted August 28, 2018 at 03:45PM by tunnelshade
via reddit https://ift.tt/2LyZHb6
www.voidsecurity.in
From Compiler Optimization to Code Execution - VirtualBox VM Escape - CVE-2018-2844
Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an inter...
A walk through the AcridRain Stealer
https://ift.tt/2Nrb86s
Submitted August 28, 2018 at 05:06PM by _cacao
via reddit https://ift.tt/2ohRrmR
This is Security :: by Stormshield
A walk through the AcridRain Stealer - This is Security :: by Stormshield
This blogpost will talk about the analysis of a new password stealer named AcridRain and its different updates during the last 2 months. Introduction: AcridRain is a new password stealer written in C/C++ that showed up on forums around the 11th of July 2018.…
Uber Bug Bounty: 1000$ for two “high severity” issue
https://ift.tt/2NqXjVR
Submitted August 28, 2018 at 05:49PM by mrpeuch
via reddit https://ift.tt/2BWjYIg
Medium
Uber Bug Bounty: 1000$ for two “high severity” issue
Despite the fact I am fairly active on the various bug bounty platforms, I usually don’t blog around my activities or promote myself for…
Unpatched ALPC Priv Esc Bug in Windows 10 x64 PoC
https://ift.tt/2BWEFUw
Submitted August 28, 2018 at 07:44PM by at_physicaltherapy
via reddit https://ift.tt/2Ly8Cti
GitHub
SandboxEscaper/randomrepo
Repo for random stuff. Contribute to SandboxEscaper/randomrepo development by creating an account on GitHub.
Featured in ThreatPost: VerSprite's Research Team Discovers Airmail 3 Exploit
https://ift.tt/2BAplN3
Submitted August 28, 2018 at 08:28PM by marketingversprite
via reddit https://ift.tt/2LAdFJU
VerSprite | Integrated Security Services and Consulting
Phishing for Files with Airmail 3 for Mac | VerSprite
We chose Airmail 3 as a target for reverse engineering to gain a better understanding of how MacOS applications work on a low-level.
Remote Code Execution on packagist.org
https://ift.tt/2LBF26B
Submitted August 28, 2018 at 11:25PM by justicz
via reddit https://ift.tt/2LtuupX
justi.cz
Remote Code Execution on packagist.org
tl;dr There was a remote code execution vulnerability on packagist.org, the default package server behind Composer, a PHP package manager. Packagist currentl...
Good Introduction to CORS (Cross-Origin Resource Sharing)
https://ift.tt/2Mp3PM3
Submitted August 29, 2018 at 12:42PM by CyberBullets
via reddit https://ift.tt/2BXV4Ie
Fuzzing the .NET JIT Compiler
https://ift.tt/2NvyHeG
Submitted August 29, 2018 at 12:34PM by 0xad
via reddit https://ift.tt/2N61XM9
Native Android Proxmark3 client (rootless)
https://ift.tt/2wqroyi
Submitted August 29, 2018 at 07:17PM by doylersec
via reddit https://ift.tt/2PeFxpa
GitHub
AndProx/AndProx
Native Android Proxmark3 client (no root required) - AndProx/AndProx
WebAuthn Cryptography Flaws Round 2: IBM's ECDAA implementation
Hi /r/netsec!
This is a follow-up to my previous submission about Security Concerns Surrounding WebAuthn, which dove into the cryptography protocol design of ECDAA (a FIDO Alliance design which WebAuthn explicitly adds as a reserved COSE algorithm).
I looked at the ECDAA implementation published on GitHub under the IBM-Research organization and discovered that they're just using BigInteger.mod(), which will produce biased output (unless you're using a curve whose order is a Mersenne prime). Given that IBM employees were the co-authors of the ECDAA specification, I'm led to believe that the IBM-Research repository is somewhat official.
I reported this on GitHub, of course: https://github.com/ibm-research/ecdaa/issues/5
While I'm excited about the prospect of hardware-based 2FA (or even WebAuthn-powered single factor to eliminate passwords in corporate settings), the cryptography they're trying to standardize is too error-prone. We shouldn't trust it until these flaws are remedied.
Submitted August 29, 2018 at 08:48PM by sarciszewski
via reddit https://ift.tt/2BUGr8o
reddit
Security Concerns Surrounding WebAuthn: Don't Implement ECDAA (Yet)
Posted in r/netsec by u/sarciszewski • 83 points and 0 comments
We Are Motherboard's Infosec Reporters: Let's Talk Journalism and "Cyber." Ask Us Anything!
We are Lorenzo Franceschi-Bicchierai and Joseph Cox. We cover infosec and hacking for Motherboard, VICE Media's tech and science website. Over the years, we have written about government hacking, consumer spyware, surveillance technology, cybercrime, and a loooooot of data breaches.
Recently, we've been digging into SIM swapping scams, the iPhone zero-day market, the mysterious group doxing Chinese government hackers, and Facebook's impossible problem: content moderation.
Today we will stand on the other side and take questions about how we pick stories, how we report articles, how we verify hacked or leaked data, and anything in between.
Proof: https://i.redd.it/ojzd8pgcivi11.jpg
Submitted August 29, 2018 at 08:33PM by motherboard
via reddit https://ift.tt/2omeJrI
Twitter
Lorenzo Franceschi-Bicchierai (he/him) (@lorenzofb) | Twitter
The latest Tweets from Lorenzo Franceschi-Bicchierai (he/him) (@lorenzofb). Real-time historian of the late cyber capitalist era @motherboard. Tweets about infosec, surveillance by day. 🍕, ⚽️, 🎸, 🎮 by night. ☎️ +1 917 257 1382. 🏳️🌈 lorenzofb@vice
BYOB (Build Your Own Botnet)
https://ift.tt/2o2lJKj
Submitted August 29, 2018 at 09:28PM by PoonSafari
via reddit https://ift.tt/2wnLqcI
GitHub
GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
Assume the Worst: Enumerating AWS Roles through ‘AssumeRole’
https://ift.tt/2NxZt5R
Submitted August 30, 2018 at 12:24AM by hackers_and_builders
via reddit https://ift.tt/2LDTavO
Why ‘She Hacks PURPLE’? – SheHacksPurple – Medium
https://ift.tt/2Nw9P6n
Submitted August 30, 2018 at 04:10AM by shehackspurple
via reddit https://ift.tt/2NvTL4E
Medium
Why ‘She Hacks PURPLE’?
The story of my handle: SheHacksPurple.
Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489]
https://ift.tt/2PNqKTr
Submitted August 30, 2018 at 05:50AM by nightwatchcyber
via reddit https://ift.tt/2PJE3o5
Nightwatch Cybersecurity
Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489]
Summary: System broadcasts by Android OS expose information about the user’s device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, D…
Air Canada says mobile app breach may affect up to 20,000 customers
https://ift.tt/2wtXXeF
Submitted August 30, 2018 at 12:39PM by rsossl
via reddit https://ift.tt/2wxsFTs
www.ctvnews.ca
Air Canada says mobile app breach may affect up to 20,000 customers
MONTREAL -- Some 20,000 Air Canada customers woke up Wednesday to learn their personal information may have been compromised after a breach in the airline's mobile app that prompted a lockdown on all 1.7 million accounts until their passwords could be changed.
NoDDOS: open-source OpenWRT + Linux system for network device profiling
https://www.noddos.io/
Submitted August 30, 2018 at 03:22PM by unquietwiki
via reddit https://ift.tt/2LEuXpp
www.noddos.io
No DDoS attacks
Help stop DDOS attacks.