November 4, 2024

                            November 4, 2024

                November 4, 2024

                        November 4, 2024

Mind the v8 patch gap: Electron's Context Isolation is insecure

Electron uses V8 isolates for context isolation, but the v8 patch gap allows bypassing it. Apps rarely update to the latest electron version, leaving context isolation useless.

More here:https://t.co/rq2qHHtjai
— s1r1us | Mohan Sri Rama Krishna Pedhapati (@S1r1u5_) November 3, 2024

I have identified 28 bots targeting intel/mil/geopol/logistics/energy people. They reply, follow and quote and are most often very enthusiastic. 

End game is unknown, but a guess is recruitment or information gathering. Maybe just influence.

Anyway, here they are, in network… https://t.co/SinSZACG69 pic.twitter.com/3eja8GaOTe
— auonsson (@auonsson) November 2, 2024

This guide has a lot of good tricks to use post-exploitation on Linux. https://t.co/64xOJ5wq9m
— Craig Rowland - Agentless Linux Security (@CraigHRowland) November 3, 2024

  Linux Privilege Escalation | HackTricks

🔥💀After 40 hours of constant reversing of weird looking c++ and no sleep, I Finally cooked the 

CVE-2024-47575 fortimanager unauthenticated RCE 🩸 https://t.co/fU30IZs0N1
— SinSinology (@SinSinology) November 4, 2024

This nation was literally founded by anonymous posters https://t.co/GSSbjMigu7 pic.twitter.com/knaIH3lVxG
— Matt Popovich (@mpopv) November 4, 2024

If you into cracking password hashes you are probably familiar with this sheet. It contains cracking statistics for different wordlists, rules and masks. Also links on where to find these wordlists and rules. 

Credits: PenguinKeeperhttps://t.co/D34gQxRZy6 pic.twitter.com/svvorQieRI
— 🕳 (@sekurlsa_pw) November 3, 2024

Why Chinese spies are sending a chill through Silicon Valleyhttps://t.co/LladdbYhNt
— Dr. Dan Lomas (@Sandbagger_01) November 4, 2024

Malware Development :

Part 8 : Reverse Shell Via Dll Hijacking : https://t.co/cUWP4CWnRj

Part 7 : Advanced code injection :  https://t.co/UpHP0qvbb5

Part 6 : DLL Hijacking : https://t.co/rti115GOqg

Part 5 : DLL injection into the process : https://t.co/5fNdS6pHrN

Part 4 :…
— Binni Shah (@binitamshah) November 4, 2024

New LOL project, LOLAD a collection of Active Directory techniques! 👇https://t.co/TnF7QlZn2Q pic.twitter.com/VilCEYfkln
— Thomas Roccia 🤘 (@fr0gger_) November 4, 2024

                            Don't miss what's next. Subscribe to the grugq's newsletter: