April 10, 2022

CyberSecNews Weekly - 0x24-W1622

Tools

• trufflesecurity/trufflehog
  Find credentials all over the place.

• kris-nova/boopkit
  Linux eBPF backdoor (TCP) for spawning reverse shells.

• A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
  A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking

Articles

• SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965
  Microsoft provides guidance for customers looking for protection against exploitation and ways to detect vulnerable installations on their network of the critical vulnerability CVE-2022-22965, also known as SpringShell or Spring4Shell.

• Automatically extracting static antivirus signatures
  

Tutorial

• Dirty Pipe Explained - CVE-2022-0847
  On 7th March’22, security researcher Max Kellermann published the vulnerability nicknamed ‘Dirty-Pipe’ which was assigned as CVE-2022-0847.

IR & Reversing

• Google is on guard: sharks shall not pass!
  When you search for Anti-Virus (AV) solutions to protect your mobile devices, you don’t expect these solutions to do the opposite i.e. make devices vulnerable to malware. This what the Check Point Research (CPR) team encountered while analyzing suspicious applications found in Google Play.