October 15, 2024
Very detailed analysis of attack chain (0day path traversal & command injection, same as it ever was) => Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA - https://t.co/jC8HRIJoTw pic.twitter.com/vr3IJcem3w
— b33f (@FuzzySec) October 13, 2024
Been a while setting up my new environment. I'm back, nerds ... ;)
PPID Spoofing: https://t.co/njwuTpIvcS #maldev #development #letsgoo #rust #pwn pic.twitter.com/IiiZBd81Cz
— Smukx.E (@5mukx) October 13, 2024
Big statement by Canadian police. "An extraordinary situation is compelling us to speak about what we have discovered in our multiple ongoing investigations into the involvement of agents of the Government of India in serious criminal activity in Canada" https://t.co/TMaGMyiOo0
β Shashank Joshi (@shashj) October 14, 2024
The underlying paper on clickjacking has the wonderful name:
All Your Clicks Belong to Me:
Investigating Click Interception on the Web https://t.co/CBcSNnOe1F pic.twitter.com/pGhZgACedX
— Eileen Clancy (@clancynewyork) August 26, 2019
https://www.usenix.org/system/files/sec19-zhang-mingxue.pdf
QR codes are terrible in every way.
Be careful everyone, this happened in Greystones. The lady's daughter was scammed out of €1000, using a QR code that she scanned to pay for parking. pic.twitter.com/oGlb4Zk2Xl
β lozzyloz (@lozzylozboz) October 13, 2024
New Blog Alert!
Introducing Early Cascade Injection, a stealthy process injection technique that targets Windows process creation, avoids cross-process APCs, and evades top-tier EDRs.
Learn how it combines Early Bird APC Injection & EDR-Preloading: https://t.co/oWreVHNKyL pic.twitter.com/QrvDyJwGHP
— Outflank (@OutflankNL) October 15, 2024
I really would love to know which EDRs you tested this against, 'cause your "novel" technique involves everything an EDR is looking for:
- Creating a handle to remote process
- remote memory allocation
- remote memory reprotection and writing
- Resume thread
Would test myself but…
lol
— SOC FI (@SOC5444) October 15, 2024
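The four operations SOC FI lists (remote handle, remote allocation, remote write/reprotect, thread resume) are exactly what a classic injection correlation rule keys on, and the Outflank announcement above claims to sidestep the cross-process steps. As an added example, not code from either tweet, Outflank, or any EDR vendor, here is a minimal correlator over constructed API-call telemetry that raises an alert only when one source process performs the full chain against a different target process inside a time window. The log format (`ts=… pid=… api=… target=…`), the process IDs, and the 60-second window are all assumptions for the example; real EDR telemetry names and field layouts differ.

```python
"""Correlate the classic cross-process injection chain from API telemetry.

Added example: constructed log lines and field names, not any vendor's format.
"""
from collections import defaultdict
from dataclasses import dataclass

# Stages SOC FI enumerates, mapped to the Win32 calls an injector typically makes.
# VirtualProtectEx is recorded when seen but not required: some injectors
# allocate RWX up front and never reprotect.
REQUIRED = {"OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "ResumeThread"}


@dataclass
class Event:
    ts: int       # seconds, monotonic
    pid: int      # process making the call
    api: str      # Win32 API name
    target: int   # process the call acts on (for ResumeThread: the thread's owner)


def parse_line(line: str) -> Event:
    """Parse one constructed 'key=value' telemetry line into an Event."""
    kv = dict(part.split("=", 1) for part in line.split())
    return Event(ts=int(kv["ts"]), pid=int(kv["pid"]), api=kv["api"], target=int(kv["target"]))


def correlate(events, window: int = 60):
    """Return one alert per (source, target) pair that completes the chain.

    Same-process memory operations are ignored (JITs and loaders do them
    constantly), and a pair's partial state is reset if it goes quiet for
    longer than `window` seconds, so a ResumeThread long after the write
    does not close the chain.
    """
    state = defaultdict(lambda: {"apis": set(), "first": None})
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.target == ev.pid:
            continue
        key = (ev.pid, ev.target)
        s = state[key]
        if s["first"] is None or ev.ts - s["first"] > window:
            s["apis"], s["first"] = set(), ev.ts
        s["apis"].add(ev.api)
        if ev.api == "ResumeThread" and REQUIRED <= s["apis"]:
            alerts.append({"source": ev.pid, "target": ev.target,
                           "apis": sorted(s["apis"]),
                           "first_ts": s["first"], "last_ts": ev.ts})
            del state[key]
    return alerts


# Constructed sample: one self-allocation, one full injection, one partial
# chain, and one chain whose ResumeThread arrives outside the window.
SAMPLE_LOG = """\
ts=5 pid=100 api=VirtualAllocEx target=100
ts=6 pid=100 api=WriteProcessMemory target=100
ts=10 pid=4321 api=OpenProcess target=5555
ts=11 pid=4321 api=VirtualAllocEx target=5555
ts=12 pid=4321 api=WriteProcessMemory target=5555
ts=13 pid=4321 api=VirtualProtectEx target=5555
ts=14 pid=4321 api=ResumeThread target=5555
ts=20 pid=777 api=OpenProcess target=888
ts=21 pid=777 api=VirtualAllocEx target=888
ts=0 pid=999 api=OpenProcess target=1010
ts=1 pid=999 api=VirtualAllocEx target=1010
ts=2 pid=999 api=WriteProcessMemory target=1010
ts=500 pid=999 api=ResumeThread target=1010
"""


def run_sample():
    return correlate(parse_line(l) for l in SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for a in run_sample():
        print(f"injection chain: pid {a['source']} -> pid {a['target']} "
              f"[{a['first_ts']}..{a['last_ts']}] via {', '.join(a['apis'])}")
```

Only the 4321 -> 5555 pair fires; the self-allocating process, the pair that never writes or resumes, and the pair whose resume lands 500 seconds later all stay silent. That silence is the point of SOC FI's objection: a rule built on these four stages catches an injector that performs all of them cross-process, and by the same token a technique that genuinely avoids any one of them (which is what the Outflank post claims for its cross-process APC step) slips past this particular rule and has to be caught elsewhere, for example on what the injected code does once it runs.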