NativeDump
NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams).
https://github.com/ricardojoserf/NativeDump
NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams).
https://github.com/ricardojoserf/NativeDump
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Horizon3.ai
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Deep-Dive and Indicators of Compromise. This blog details the SQL injection which allows an unauthenticated attacker to access the FortiClient EMS server as SYSTEM to execute arbitrary commands.
Pingora
Pingora is a Rust framework to build fast, reliable and programmable networked systems from CF
https://github.com/cloudflare/pingora
Pingora is a Rust framework to build fast, reliable and programmable networked systems from CF
https://github.com/cloudflare/pingora
GitHub
GitHub - cloudflare/pingora: A library for building fast, reliable and evolvable network services.
A library for building fast, reliable and evolvable network services. - cloudflare/pingora
Ramsomware 2023-2024 review
Cybercriminal ramsom Russia attacks review:
https://www.facct.ru/blog/ransomware-2023-2024/
Cybercriminal ramsom Russia attacks review:
https://www.facct.ru/blog/ransomware-2023-2024/
F6
Очень грязные дела: обзор преступных групп вымогателей, атаковавших Россию в 2023-2024 году - F6
Эксперты F6 проанализировали активные преступные группы вымогателей, атаковавших российские компании в 2023-2024 гг.
/ Vulnerabilities Identified in LG WebOS
WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, so.. Internet-connected devices, identified over 91,000 devices:
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/
WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, so.. Internet-connected devices, identified over 91,000 devices:
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/
Bitdefender Labs
Vulnerabilities Identified in LG WebOS
As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities.
/ Unauthenticated attacker can execute arbitrary code via FortiClientLinux
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration. Official advisory:
https://www.fortiguard.com/psirt/FG-IR-23-087
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration. Official advisory:
https://www.fortiguard.com/psirt/FG-IR-23-087
FortiGuard Labs
PSIRT | FortiGuard Labs
None
/ CVE-2024-3273: D-Link NAS RCE Exploited in the Wild
A remote code execution vulnerability in D-Link NAS devices is actively being exploited and is tracked under CVE-2024-3273. The vulnerability is believed to affect as many as 92,000 devices
https://www.greynoise.io/blog/cve-2024-3273-d-link-nas-rce-exploited-in-the-wild
A remote code execution vulnerability in D-Link NAS devices is actively being exploited and is tracked under CVE-2024-3273. The vulnerability is believed to affect as many as 92,000 devices
https://www.greynoise.io/blog/cve-2024-3273-d-link-nas-rce-exploited-in-the-wild
www.greynoise.io
CVE-2024-3273: D-Link NAS RCE Exploited in the Wild | GreyNoise Blog
Check out this blog to stay informed about a critical remote code execution vulnerability affecting D-Link NAS devices. It is being tracked under CVE-2024-3273 and believed to affect as many as 92,000 devices.
Branch History Injection and Intra-mode Branch Target Injection / CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html
Intel
Branch History Injection and Intra-mode Branch Target Injection
Overview and mitigation guidance for Branch History Injection (CVE-2022-0001) and Intra-mode Branch Target Injection (CVE-2022-0002).
New Technique to Trick Developers Detected in an Open Source Supply Chain Attack
https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/
https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/
Checkmarx
New Technique Detected in an Open-Source Supply Chain Attack
In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub's search functionality, and using meticulously crafted repositories to distribute malware.
/ How Hackers Can Hijack 2FA Calls with Sneaky Call Forwarding
https://www.404media.co/how-hackers-can-hijack-2fa-calls-with-sneaky-call-forwarding/
https://www.404media.co/how-hackers-can-hijack-2fa-calls-with-sneaky-call-forwarding/
404 Media
How Hackers Can Hijack 2FA Calls with Sneaky Call Forwarding
In a crude but potentially effective attack, a hacker sends a malicious link which quickly sets up call forwarding for a target’s phone number. The result is the interception of 2FA calls, including for Gmail.
CISSP Cheat Sheet Series.pdf
573.1 KB
/ Security & Risk Management (CISSP Cheat Sheet)
Covers a range of key topics:
- Domain 1: Security and Risk Management
- Domain 2: Asset Security
- Domain 3: Security Architecture and Engineering
- Domain 4: Communication and Network Security
- Domain 5: Identity and Access Management
- Domain 6: Security Assessment and Testing
- Domain 7: Security Operations
- Domain 8: Software Development Security
Covers a range of key topics:
- Domain 1: Security and Risk Management
- Domain 2: Asset Security
- Domain 3: Security Architecture and Engineering
- Domain 4: Communication and Network Security
- Domain 5: Identity and Access Management
- Domain 6: Security Assessment and Testing
- Domain 7: Security Operations
- Domain 8: Software Development Security
BatBadBut: You can't securely execute commands on Windows
The root cause of BatBadBut is the overlooked behavior of the CreateProcess function on Windows.
When executing batch files with the CreateProcess function, Windows implicitly spawns cmd.exe because Windows can’t execute batch files without it:
https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows
The root cause of BatBadBut is the overlooked behavior of the CreateProcess function on Windows.
When executing batch files with the CreateProcess function, Windows implicitly spawns cmd.exe because Windows can’t execute batch files without it:
https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows
GMO Flatt Security Research
BatBadBut: You can't securely execute commands on Windows
Introduction
Hello, I’m RyotaK ( @ryotkak
), a security engineer at Flatt Security Inc.
Recently, I reported multiple vulnerabilities to several programming languages that allowed an attacker to perform command injection on Windows when the specific conditions…
Hello, I’m RyotaK ( @ryotkak
), a security engineer at Flatt Security Inc.
Recently, I reported multiple vulnerabilities to several programming languages that allowed an attacker to perform command injection on Windows when the specific conditions…
WIFI Credential Dumping
Techniques to retrieve the PSK from a workstation post-compromise (Windows)
https://www.r-tec.net/r-tec-blog-wifi-credential-dumping.html
Techniques to retrieve the PSK from a workstation post-compromise (Windows)
https://www.r-tec.net/r-tec-blog-wifi-credential-dumping.html
www.r-tec.net
Blog WIFI Credential Dumping
This blog won't dive into any of the mentioned WIFI attacks, but will highlight techniques to retrieve the PSK from a workstation post-compromise instead.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
JetBrains следуя практикам поддержки Open Source, в этом году поддержал OpenBLD.net и меня новой лицензией
JetBrains - это первая компания, которая поддержала мою инициативу на пути создания моих открытых проектов. Такая поддержка, явилась значимой для меня, моей мотивации и движения вперед. Благодаря таким активностям ты понимаешь, что не тратишь время впустую, что не тянешь это все в одну упряжку, есть те, кто понимает тебя, кто поддерживает тебя и твои идеи и это делает тебя еще сильнее и еще ближе на пути достижения поставленных целей и реализации твоих идей.
Это круто, это приятно и это дает возможность двигаться еще дальше, чем ты есть на сегодня.
Всем кто имеет возможность оказывать помощь людям и проектам в их развитии и поддерживает и оказывает - посвящается. Успехов всем нам! Peace ✌️
JetBrains OSS - https://www.jetbrains.com/opensource/
JetBrains - это первая компания, которая поддержала мою инициативу на пути создания моих открытых проектов. Такая поддержка, явилась значимой для меня, моей мотивации и движения вперед. Благодаря таким активностям ты понимаешь, что не тратишь время впустую, что не тянешь это все в одну упряжку, есть те, кто понимает тебя, кто поддерживает тебя и твои идеи и это делает тебя еще сильнее и еще ближе на пути достижения поставленных целей и реализации твоих идей.
Это круто, это приятно и это дает возможность двигаться еще дальше, чем ты есть на сегодня.
Всем кто имеет возможность оказывать помощь людям и проектам в их развитии и поддерживает и оказывает - посвящается. Успехов всем нам! Peace ✌️
JetBrains OSS - https://www.jetbrains.com/opensource/
100 web vulnerabilities, categorized into various types.pdf
430.2 KB
Simple categorized list of vulnerability types.
CSI-DEPLOYING-AI-SYSTEMS-SECURELY.pdf
494 KB
Best Practices for Deploying Secure and Resilient AI Systems
from Canadian Centre for Cyber Security
from Canadian Centre for Cyber Security
/ flatpak CVE-2024-32462 : Sandbox escape via RequestBackground
https://www.openwall.com/lists/oss-security/2024/04/18/5
https://www.openwall.com/lists/oss-security/2024/04/18/5
/ Blind Spot: how I get from Docker Registry To RCE
https://medium.com/@red.whisperer/blind-spot-from-docker-registry-to-rce-b0d46e043798
https://medium.com/@red.whisperer/blind-spot-from-docker-registry-to-rce-b0d46e043798
Medium
Blind Spot: how I get from Docker Registry To RCE
Introduction
MagicDot
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue:
https://github.com/SafeBreach-Labs/MagicDot
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue:
https://github.com/SafeBreach-Labs/MagicDot
GitHub
GitHub - SafeBreach-Labs/MagicDot: A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT…
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue - SafeBreach-Labs/MagicDot
/ The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to
crash an application or overwrite a neighbouring variable.
https://sourceware.org/pipermail/libc-announce/2024/000040.html
a new exploitation technique that affects the whole PHP ecosystem, and the compromission of several applications.
CVE-2024-2961
https://security-tracker.debian.org/tracker/CVE-2024-2961
crash an application or overwrite a neighbouring variable.
https://sourceware.org/pipermail/libc-announce/2024/000040.html
a new exploitation technique that affects the whole PHP ecosystem, and the compromission of several applications.
CVE-2024-2961
https://security-tracker.debian.org/tracker/CVE-2024-2961