Intel Hardware Shield deep dive: part 1 is user-mode System Management Mode (ISRD).

https://tandasat.github.io/blog/2024/02/29/ISRD.html

Black Hat 2022: The Intel PPAM attack story

https://binarly.io/posts/Black_Hat_2022_The_Intel_PPAM_attack_story/

ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs

https://arxiv.org/abs/2402.11753

How your EDR actually works

https://twitter.com/i/broadcasts/1dRKZErXPQbxB?s=20

#edr
------
@islemolecule_source

Some Notes on Hardening IPv6 Stacks

https://theinternetprotocolblog.wordpress.com/2020/11/16/some-notes-on-hardening-ipv6-stacks/

#internals
------
@islemolecule_source

Buffer Overflow : Exploiting Easy RM to MP3 Converter

https://vandanpathak.com/kernels-and-buffers/buffer-overflow-exploiting-easy-rm-to-mp3-converter/

#book
"The 2024 Crypto Crime Report:
The latest trends in ransomware, scams, hacking and more", Feb. 2024.

Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples

https://embee-research.ghost.io/advanced-cyberchef-operations-netsupport/

Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor

https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/

Red Teaming action practice based on MITER ATT&CK

https://mp.weixin.qq.com/s?__biz=MzAwMzAwOTQ5Nw==&mid=2650941400&idx=1&sn=cb9fda3118d1eced912f9e210c2cd734&chksm=8137396eb640b078190b7846de94f9486b3c2

2023 Top Vulnerabilities

CVE-2023-28252 1– Windows Common Log File System Driver Elevation of Privilege Vulnerability.

CVE-2023-7024– Google Chromium WebRTC Heap Buffer Overflow Vulnerability.

CVE-2023-23397 2– Microsoft Outlook Elevation of Privilege Vulnerability.

CVE-2023-34362– Progress MOVEit Transfer SQL Injection Vulnerability.

CVE-2023-38831– RARLAB WinRAR Code Execution Vulnerability

CVE-2023-21674– Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability.

CVE-2023-23376– Windows Common Log File System Driver Elevation of Privilege Vulnerability.

CVE-2023-32434– Apple Multiple Products Integer Overflow Vulnerability.

CVE-2023-41763– Skype for Business Elevation of Privilege Vulnerability.

CVE-2023-36033– Windows DWM Core Library Elevation of Privilege Vulnerability

https://malware.news/t/2023-top-vulnerabilities/79315

Complete Guide to Advanced Persistent Threat (APT) Security
https://securityboulevard.com/2024/03/complete-guide-to-advanced-persistent-threat-apt-security/

open source RAT on the scene Xeno Rat

https://www.cyfirma.com/outofband/xeno-rat-a-new-remote-access-trojan-with-advance-capabilities/

https://github.com/moom825/xeno-rat

How we applied advanced fuzzing techniques to cURL


https://blog.trailofbits.com/2024/03/01/toward-more-effective-curl-fuzzing/

Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools.CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day
https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/

Password : GREENARMOR

Thanks " ./h4x Forensics " and others for sharing