2024-02-15 // Today, ESC13 introduces a method exploiting Active Directory Certificate Services for privilege escalation through certificate issuance linked to group memberships. Secbutler, a command-line utility, simplifies tasks for cybersecurity professionals, covering reverse shell command generation and more. The rust-shellcode and XC utilities demonstrate innovative approaches in shellcode execution and reverse shell capabilities, respectively, enhancing methods to bypass antivirus detection and facilitate file transfers. Notable findings include a remote buffer overflow vulnerability in wpa_supplicant for Android, and HarfangLab’s insights into reverse engineering .NET AOT applications. IOCTLance showcases vulnerability identification in Windows Driver Model drivers using symbolic execution. Techniques for executing Browser In The Browser (BITB) phishing attacks and the exploitation of various software vulnerabilities, including CVE-2022-20186 in Android Mali GPU drivers and CVE-2023-6546 in the Linux kernel, highlight the evolving landscape of cybersecurity threats and defenses. These contributions, along with tools for LDAP monitoring, Drupal vulnerability exploitation, and Linux persistence, underscore the continuous development and diversification of cybersecurity practices. [more...]

2024-02-14 // Marcus Hutchins introduced EDR-Preloading to run code secretly before security systems start. Domainim is a new tool for finding web security risks, including checking hostnames and ports. A flaw in the Laravel PHP framework lets hackers run code from afar, urging updates for safety. Techniques for analyzing RedLine stealer malware were shared. TInjA helps find website vulnerabilities. A WinRAR exploit showshow hackers can sneakily run harmful code. The CVE-2024-23897 bug in Jenkins could let someone remotely control systems, highlighting the need for good security. Rick Ramgattie found exposed RazorPay API keys on GitHub, showing why secure coding is crucial. Webhood is a new tool for checking website safety. There are new methods to patch .NET functions to avoid detection. Wildcard-mail-finder and nrich help find email patterns and scan for vulnerabilities. APKLeaks scans Android apps for hidden data, focusing on privacy. DFSCoerce-exe allows using different login details for security, and ShellSweep finds potential webshells to protect servers. A demo for CVE-2022-36553 shows how to exploit certain vulnerabilities for learning. Finally, Swarm offers cloud-based security scanning, showing advancements in cybersecurity tools. [more...]

2024-02-13 // Today, a new way to turn off Windows Defender, a computer’s guard against viruses. There’s a tool named go-secdump that can find computer secrets from far away. Z-Labs made a new tool to help test computer security across different systems. There are tips for secretly checking computers without getting caught. Netlas.io helps find weaknesses in computer networks. There’s also a way to hide when looking through directories to stay unnoticed. Lastly, CookieBlock helps control which website cookies can stay on your browser, keeping your internet use private. [more...]

2024-02-12 // Today, Ken Shirriff explains how a 1950s device calculated flight data without a computer. IMDSpoof tricks hackers into attacking a fake system to protect AWS. Learn to find and stop cyber threats with tools like Censys. Enhance Cobalt Strike to hide from security systems. Use GoBuster to find hidden website parts. Learn to hide malware in Excel with XLL dropper. DarkWidow helps hackers take control of Windows systems secretly. [more...]

2024-02-11 // Explore the HackTheBox Keeper box exploitation via default credentials and KeePass vulnerability (CVE-2022-32784) for SSH key access; delve into Windows Golang binaries analysis with gftrace; uncover time-based blind SQL injection in HTTP headers using SqliSniper with multi-threading and Discord alerts; learn Windows process injection via thread pools from SafeBreach Labs and Alon Leviev; assess system defenses with HardeningMeter’s table/CSV outputs; enhance pen-testing with Rapid7’s Metasploit for Fortra GoAnywhere MFT (CVE-2024-0204); boost XSS strategies with radhasec’s 8000+ payload xss_payload repository; implement Proxy DLL Loading via 0xf00I’s Rust tool; stay updated on password security with Lares Labs; access Appsec tools on Whitespots’ GitLab; exploit Ivanti SSRF vulnerability (CVE-2024-21893); probe Docker hosts with DockerExploit; detect web malware with sussyfinder; terminate processes using Antonio Parata’s ‘s4killer’ and probmon.sys vulnerability; demonstrate Windows thread pools with fin3ss3g0d’s NativeThreadpool; inject memory shells into WebLogic with MemshellKit (CVE-2017-10271); heed FBI’s warning on global KV-botnet spread; beware of RustDoor macOS backdoor; secure networks against libuv’s SSRF flaw (CVE-2024-24806); consider Canada’s potential Flipper Zero ban; act on Fortinet’s FortiOS RCE (CVE-2024-21762) and FortiSIEM flaws; watch for Trojan.MAC.RustDoor as Visual Studio update; defend against AndroxGh0st botnet with Imperva’s indicators; shut down VexTrio’s 70,000-site malware/phishing network; address Ivanti’s authentication bypass (CVE-2024-22024); enhance defenses against SIM-swapping post-breach; respond to CU Solutions Group’s data leak; avoid fake “Temu” domains; and tackle Ivanti’s SSRF vulnerability as noted by the National Vulnerability Database. [more...]