Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp
Akamai
Akamai researchers discovered a new set of attacks against Active Directory (AD) using Microsoft DHCP servers that can lead to full AD takeover.
CVE-2023-45866: Unauthenticated Bluetooth keystroke-injection in Android, Linux, macOS and iOS https://github.com/skysafe/reblog/tree/main/cve-2023-45866
GitHub
reblog/cve-2023-45866 at main · skysafe/reblog
SkySafe Miscellaneous Reverse Engineering Blog.
Hacking Brightway scooters: A case study https://robocoffee.de/?p=436
Bypassing major EDRs using Pool Party process injection techniques https://securityaffairs.com/155464/hacking/pool-party-bypassing-edr.html
Security Affairs
Researchers devised a novel attack vector for process injection, dubbed Pool Party, that evades EDR solutions.
New botnet malware exploits zero-day CVE-2023-49897 flaw in routers https://securityonline.info/new-botnet-malware-exploits-zero-day-cve-2023-49897-flaw-in-routers/
Cybersecurity News
This vulnerability, cataloged as CVE-2023-49897 with a CVSS v3 score of 8.0, allows authenticated attackers to execute OS commands remotely.
Understanding Dirty Pagetable - m0leCon Finals 2023 CTF Writeup https://ptr-yudai.hatenablog.com/entry/2023/12/08/093606
CTFするぞ
I participated in m0leCon Finals 2023 CTF, which was held in Politecnico di Torino, Italy, as a member of std::weak_ptr<moon>. Among the pwnable challenges…
Reverse engineering natively-compiled .NET apps: Digging into internals of apps built with native AOT https://migeel.sk/blog/2023/09/15/reverse-engineering-natively-compiled-dotnet-apps/
Michal's low level corner
Reverse engineering natively-compiled .NET apps
Digging into internals of apps built with native AOT.
Fighting Ursa Aka APT28: Illuminating a Covert Campaign https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397/
Unit 42
In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.
MrAnon Stealer Spreads via Email with Fake Hotel Booking PDF https://www.fortinet.com/blog/threat-research/mranon-stealer-spreads-via-email-with-fake-hotel-booking-pdf
Fortinet Blog
FortiGuard Labs uncovers a sophisticated phishing campaign deploying MrAnon Stealer via fake booking PDF. Learn more.…
Unraveling The Story of Multiple Admin Panel Compromises https://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f
Medium
Welcome back, fellow hackers and cyber security enthusiasts! I’m Vedant, also known as Vegeta on Twitter 😁. It’s been a while, but I’m…
23 Open Problems for Digital Self-Replicators https://tmpout.sh/3/21.html
DanaBot's Latest Move: Deploying Latrodectus https://www.esentire.com/blog/danabots-latest-move-deploying-icedid
eSentire
Learn more about DanaBot banking Trojan and get security recommendations from our Threat Response Unit (TRU) to protect your business from this cyber…
Information about Windows persistence mechanisms https://persistence-info.github.io/
Ghidra Basics - Manual Shellcode Analysis and C2 Extraction https://embee-research.ghost.io/ghidra-basics-shellcode-analysis/
Embee Research
How to Use Ghidra to Analyse Shellcode and Extract Cobalt Strike Command & Control Servers
Manual analysis of Cobalt Strike Shellcode with Ghidra. Identifying function calls and resolving API hashing.
Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation) https://seanpesce.blogspot.com/2023/03/leveraging-ssh-keygen-for-arbitrary.html
Blogspot
TL;DR The ssh-keygen command can be used to load a shared library with the -D flag. This can be useful for privilege ...
Cramming a Tiny Program into a Tiny ELF File: A Case Study https://tmpout.sh/3/22.html
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools https://www.safebreach.com/blog/process-injection-using-windows-thread-pools
SafeBreach
Process Injection Using Windows Thread Pools | Safebreach
Researchers have developed 8 new undetectable process injection techniques exploiting Windows thread pools to bypass leading EDR solutions.
PoolParty: A set of fully-undetectable process injection techniques abusing Windows Thread Pools https://github.com/SafeBreach-Labs/PoolParty
GitHub
POSTDump: perform minidump of LSASS process using few technics to avoid detection https://securityonline.info/postdump-perform-minidump-of-lsass-process-using-few-technics-to-avoid-detection/
New payload to exploit Error-based SQL injection - Oracle database https://www.mannulinux.org/2023/12/New-payload-to-exploit-Error-based-SQL-injection-Oracle-database.html
www.mannulinux.org
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.