DES algorithm illustration https://hereket.com/tiny/des-algorithm/
PuTTY vulnerability vuln-p521-bias #PuTTY #vulnerability #NIST #P521 #security https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400) #PaloAlto #GlobalProtect #CVE-2024-3400 #SSLVPN #Vulnerability https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/
watchTowr Labs
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Welcome to April 2024, again. We’re back, again.
Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device.
We’ve seen all the…
Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device.
We’ve seen all the…
👾1
CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster https://rhinosecuritylabs.com/research/cve-2024-2448-kemp-loadmaster/
Rhino Security Labs
CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster
This blog covers 2 vulnerabilities discovered by Rhino Security Labs in Kemp LoadMaster load balancers: CVE-2024-2448 and CVE-2024-2449.
A quick post on Chen’s algorithm #ChensAlgorithm #CryptographicEngineering #LatticeProblems #QuantumComputing #PQC https://blog.cryptographyengineering.com/2024/04/16/a-quick-post-on-chens-algorithm/
A Few Thoughts on Cryptographic Engineering
A quick post on Chen’s algorithm
Update (April 19): Yilei Chen announced the discovery of a bug in the algorithm, which he does not know how to fix. This was independently discovered by Hongxun Wu and Thomas Vidick. At present, th…
🤯1🤷1
Reversing UK mobile rail tickets #UKRailTickets #MobileTickets #TicketDecoding #PublicKeys #RSAEncryption https://eta.st/2023/01/31/rail-tickets.html
eta.st
Reversing UK mobile rail tickets
The UK has used small credit-card sized tickets to pay for train travel for years and years, since long before I was born — originally theAPTIS ticket1,which...
🔥1
How Antithesis finds bugs (with help from the Super Mario Bros.) #Antithesis #BugFinding #SuperMarioBros #StateSpace #InnovativeApproach https://antithesis.com/blog/sdtalk/
Antithesis
How Antithesis finds bugs (with help from the Super Mario Bros.)
Can solving Super Mario Bros. help solve your distributed systems issues?
🍾1
CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability #ZeroDayInitiative #CVE202420697 #Windows #Libarchive #RemoteCodeExecution https://www.zerodayinitiative.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability
Zero Day Initiative
Zero Day Initiative — CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Jason McFadyen of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in Microsoft Windows. This bug was originally…
EvilGophish’s Approach to Advanced Bot Detection with Cloudflare Turnstile #EvilGophish #AdvancedBotDetection #CloudflareTurnstile #PhishingInfrastructure #CybersecurityTools https://fin3ss3g0d.net/index.php/2024/04/08/evilgophishs-approach-to-advanced-bot-detection-with-cloudflare-turnstile/
fin3ss3g0d's Blog -
EvilGophish’s Approach to Advanced Bot Detection with Cloudflare Turnstile - fin3ss3g0d's Blog
Introduction Bots pose a significant threat to the integrity of phishing infrastructure, primarily by automating detection and countermeasures that can prematurely expose and neutralize simulated phishing campaigns. These automated agents can range from security…
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers #Shielder #ElementAndroid #CVE2024-26131 #CVE2024-26132 #NeverTakeIntentsFromStrangers https://www.shielder.com/blog/2024/04/element-android-cve-2024-26131-cve-2024-26132-never-take-intents-from-strangers/
Shielder
Shielder - Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
A writeup about two intent-based Android vulnerabilities CVE-2024-26131 and CVE-2024-26132 in Element (Matrix).
🔥1
Breaking Custom Encryption Using Frida (Mobile Application Pentesting) #CustomEncryption #Frida #MobileApp #PenTesting #ApplicationSecurity https://labs.cognisys.group/posts/Breaking-Custom-Ecryption-Using-Frida-Mobile-Application-pentesting/
Cognisys Group Labs
Breaking Custom Encryption Using Frida (Mobile Application Pentesting)
Overview
🔥1
The Windows Registry Adventure #1: Introduction and research results #ProjectZero #WindowsRegistryAdventure #ResearchResults #CVEs #LocalPrivilegeEscalation https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html
projectzero.google
The Windows Registry Adventure #1: Introduction and research results - Project Zero
Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in sear...
How Hackers Use Wireshark for Password Sniffing: What does Wireshark do? #Hackers #Wireshark #PasswordSniffing #Cybersecurity #ProtectYourself https://hackproofhacks.com/password-sniffing/
HackProofHacks
How Hackers Use Wireshark for Password Sniffing: What does Wireshark do? - HackProofHacks
Hey there, let's dive deep into the world of password sniffing and understand how hackers operate to steal sensitive information like login credentials.
The Windows Registry Adventure #2: A brief history of the feature #ProjectZero #WindowsRegistry #History #Google #Windows11 https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-2.html
projectzero.google
The Windows Registry Adventure #2: A brief history of the feature - Project Zero
Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspects of the registry, it is important to understand its role in...
Abusing WSUS with MITM to perform ADCS ESC8 attack #WSUS #MITM #ADCS #ESC8 #PrivilegeEscalation https://j4s0nmo0n.github.io/belettetimoree.github.io/2023-12-01-WSUS-to-ESC8.html
Belette Timorée’s blog post
Abusing WSUS with MITM to perform ADCS ESC8 attack
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution #GoogleChrome #V8 #CodeExecution #VulnerabilityAnalysis #ExodusIntelligence https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution/
Exodus Intelligence
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution - Exodus Intelligence
By Javier Jimenez and Vignesh Rao Overview In this blog post we take a look at a vulnerability that we found in Google Chrome’s V8 JavaScript engine a few months ago. This vulnerability was patched in a Chrome update on 16 January 2024 and assigned CVE-2024…
🔥3
NTLM v1 and NTLM v2 vs Kerberos #NTLM #Kerberos #ServerHardeningAutomation #SecurityUpdates #MITREATT&CK https://www.calcomsoftware.com/ntlm-v1-and-v2-vs-kerberos/
CalCom
NTLMv1, NTLMv2 vs Kerberos – Key Differences & Best Practices
Compare NTLMv1, NTLMv2 and Kerberos authentication protocols — pros, cons, and when to use each. See latest security guidance & hardening tips.
Smoke and (screen) mirrors: A strange signed backdoor #SophosNews #BackdoorDiscovery #SignedExecutable #ThreatResearch #MaliciousBackdoor https://news.sophos.com/en-us/2024/04/09/smoke-and-screen-mirrors-a-strange-signed-backdoor/
Sophos
Smoke and (screen) mirrors: A strange signed backdoor
Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely
KExecDD: Admin to Kernel code execution using the KSecDD driver #KExecDD #AdminToKernel #KSecDDdriver #LSASS #KernelSecurity https://github.com/floesen/KExecDD
GitHub
GitHub - floesen/KExecDD: Admin to Kernel code execution using the KSecDD driver
Admin to Kernel code execution using the KSecDD driver - floesen/KExecDD