Sys-Admin Up – Telegram
Sys-Admin Up
InfoSec, Hacks, Perks, Tools, IT/IS Courses, CVE… Contains part of the news that was not included in the Sys-Admin & InfoSec Channel (@sysadm_in_channel)
NimicStack - Stack spoofing with Nim

NimicStack is a pure Nim implementation of the Call Stack Spoofing technique to mimic legitimate programs.

https://github.com/frkngksl/NimicStack
KHS in Almaty (Kazakhstan) on 14-16 September.

With Jayson E. Street (DEF CON Groups Global Ambassador), author of the book series "Dissecting the hack: Series"...

Sys-Adm.in is not only an information partner, but also a participant in the conference 🎉

See more details on the official KHS site: https://kazhackstan.kz
SQUIP: Exploiting the Scheduler Queue Contention Side Channel

In this paper, we present the SQUIP attack, the first side-channel attack on scheduler queues. With SQUIP, we measure the precise degree of Scheduler Queue Usage (i.e., occupancy) via Interference Probing. We show that this occupancy level measurement works on microarchitectures of different vendors, namely the Apple M1, AMD Zen 2 and Zen 3…
ÆPIC Leak - Architecturally Leaking Uninitialized Data from the Microarchitecture

https://aepicleak.com

P.S. Thx for the news dear subscriber ✌️
Attacking and Remediating Excessive Network Share Permissions in Active Directory Environments

…how to quickly inventory, exploit, and remediate network shares configured with excessive permissions at scale in Active Directory environments…:

https://www.netspi.com/blog/technical/network-penetration-testing/network-share-permissions-powerhuntshares/
OverSight

Mac malware often spies on users by recording audio and video sessions...sometimes in an undetected manner.

OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webcam.

https://objective-see.org/products/oversight.html

#tool
Hacking Zyxel IP cameras to gain a root shell

TLDR - Do not buy, do not use, and remove all of these devices from service immediately (IPC-3605N and the model IPC-4605N). They are so miserably insecure it took me less than a day of effort to develop a utility to remotely compromise any of them. Keep reading if you want to know how… (from Author)

Technical analysis:

http://www.hydrogen18.com/blog/hacking-zyxel-ip-cameras-pt-1.html
Forwarded from Sys-Admin InfoSec
Open SysConf 2022 is coming in October!

Hi, we are preparing a new, fourth annual meetup: Open SysConf'22.

Already confirmed:
- Three talks
- Half of the budget raised
- Venue, date and time of the meetup
- Updated site sysconf.io

For most people, circumstances usually work out so that something always gets in the way of taking up sports, giving a talk, or taking part in a conference; usually it is work, putting things off until tomorrow, and so on...

Getting together, sharing knowledge, finding time for yourself: this is what really needs to be done here and now (and in October)! Straighten your shoulders, dear friend, lift your head and step boldly forward:

- https://sysconf.io
- October 14, from 11:00 to 20:00, Almaty.

The hall is big, there is room for everyone! You will find all the links you need on the site. Peace ✌️.
 
Pwning Popular Desktop apps while uncovering new attack surface on Electron

https://i.blackhat.com/USA-22/Thursday/US-22-Purani-ElectroVolt-Pwning-Popular-Desktop-Apps.pdf
Envoy

Open Source Edge And Service Proxy, Designed For Cloud-native Applications

https://www.envoyproxy.io/

#tool
Forwarded from Sys-Admin InfoSec
Open BLD DNS Updating News (August’22): New BLD release, New tools and more
 
- 100% migration to KeyDB from Redis
- Automated upgrading of target distros according to Open BLD DNS roles (BLD infra has several BLD server roles)
- Added Open API IP location reflector (see link below) on the S-A Lab site
- Ansible roles optimized with common variables
- BLD Server update server can merge downloaded lists without comments (plain lists)
- UptimeRobot helped Open BLD; you can now review the status page: bld-status.sys-adm.in

Note: UptimeRobot supported Open BLD DNS Project. I have been using UptimeRobot for more than 10 years; it is a very useful and stable uptime monitoring service, details

Tools:
install-redis.sh
install-keydb.sh
redis-to-keydb.sh
lib.sh
monit2telegram.sh - local IP detection functionality added to this fork
ip reflector
bld server

Deprecation notice:
⚠️ 8443 port will be disabled in the next release. Please switch your DoH to 443

Open BLD DNS Site:
• EN - https://lab.sys-adm.in/en
• RU - https://lab.sys-adm.in/ru