Insulet OmniPod Insulin Management System vulnerability https://omnipod.lyrebirds.dk/
Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations/?s=09
Bill Demirkapi's Blog
Note: Another researcher recently tweeted about the technique discussed in this blog post; this is addressed in the last section of the blog (warning, spoilers!). To access information about a running process, developers generally have to open a handle to…
Exploiting OAuth: Journey to Account Takeover https://blog.dixitaditya.com/2021/11/19/account-takeover-chain.html
All Things Security
This is a chain of four different vulnerabilities that allowed me to exploit the OAuth flow to take over the victim's account.
Nice analysis of the low-level details of the x86 assembly behind memset/memcpy https://twitter.com/nadavrot/status/1464364562409422852?t=xuCmg9OLp5gy7wdzdVKKIg&s=09
Twitter
Nadav Rotem
I spent some time optimizing memset and memcpy in x86 assembly. Here are a few interesting things about memset and memcpy. 1/
CONTInuing the Bazar Ransomware Story https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/
The DFIR Report
In this report we will discuss a case from early August where we witnessed threat actors utilizing BazarLoader and Cobalt Strike to accomplish their mission of encrypting systems with Conti ransomw…
ScarCruft surveilling North Korean defectors and human rights activists https://securelist.com/scarcruft-surveilling-north-korean-defectors-and-human-rights-activists/105074/
Securelist
The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.
The Water Bear that Wasn’t: Tardigrade https://medium.com/@semisi.ganon/the-water-bear-that-wasnt-tardigrade-6d3ed4d8e86b
Medium
In mid-November 2021, the world’s tech commentators, including Wired, The Washington Post, Bleeping Computer and Tripwire, lit up with news of…
POC of Linux Kernel TIPC remote code execution (CVE-2021-43267) flaw has been disclosed https://securityonline.info/cve-2021-43267-poc/
Cybersecurity News
The POC of the Linux Kernel TIPC remote code execution (CVE-2021-43267) vulnerability has been disclosed; the vulnerability level is serious.
Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809) https://blog.assetnote.io/2021/11/30/jamf-ssrf/
An Illustrated Guide to Elliptic Curve Cryptography Validation https://research.nccgroup.com/2021/11/18/an-illustrated-guide-to-elliptic-curve-cryptography-validation/
Nice write-up (in Korean) » Virtualbox 6.1.18 (former) 0-day http://blog.howdays.kr/index.php/2021/11/26/virtualbox-6-1-18-0-day/
What does APT Activity Look Like on macOS? https://themittenmac.com/what-does-apt-activity-look-like-on-macos/
The Mitten Mac
I often get asked what Advanced Persistent Activity (APT) or nation state hacking looks like on a macOS system. This is a great question and the answer is no
Tracking a P2P network related to TA505 https://research.nccgroup.com/2021/12/01/tracking-a-p2p-network-related-with-ta505/
This shouldn't have happened: A vulnerability postmortem https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
Blogspot
Posted by Tavis Ormandy, Project Zero. Introduction: This is an unusual blog post. I normally write posts to highlight some hidden att...
Popping iOS <=14.7 with IOMFB https://jsherman212.github.io/2021/11/28/popping_ios14_with_iomfb.html
Justin’s Blog
During the last two weeks of my summer (as of writing, summer 2021), I decided to try and take a crack at iOS 14 kernel exploitation with the IOMobileFramebuffer OOB pointer read (CVE-2021-30807). Unfortunately, a couple days after I moved back into school…
All our team wishes you and yours a Happy New Year! ❤️
The Re-Emergence of Emotet https://www.deepinstinct.com/blog/the-re-emergence-of-emotet
Deep Instinct
Emotet, the malware botnet, has resurfaced after almost 10 months. The operation was originally taken down by multiple international law enforcement agencies this past January. These agencies took control of the infrastructure and scheduled an un-installation…