October 21, 2024
October 21, 2024
New blog!
— 0SKR (@saab_sec) October 19, 2024
I hate you COM – Pitfalls of COM object activation!
Addressing few issues in .NET unmanaged apis when used in offensive coding https://t.co/KKpAlkM4fh
I have just discovered a nice YouTube channel about GSM/Cellular hacking , this is really valuable, great job ! @arifkyi https://t.co/mGextDgqnH
— Th3g3nt3lman (@Th3G3nt3lman) October 19, 2024
New blog post: bedevil: Dynamic Linker Patchinghttps://t.co/Zu7B1r0mMi
— Stephan Berger (@malmoeb) October 19, 2024
bedevil (bdvl) is an LD_PRELOAD rootkit. The group Muddled Libra used bedevil to target VMware vCenter servers in 2024, according to Palo Alto’s Unit42 Blog.
The rootkit comes with a nifty feature called… pic.twitter.com/MD8YfMzW7H
— Meysam (@R00tkitSMM) October 19, 2024
Well, the bad news is that they broke into my rental car. The good news is they gave up as soon as they figured out they were stealing AOL CDs pic.twitter.com/ea5GomfCUw
— Jason Scott (@textfiles) October 20, 2024
Now a good one: In the latest Windows 11 Enterprise Insider edition, with Credential Guard enabled (by default), the "tgtdeleg" trick, previously a key for attack chains, is no more possible #tgtdeleg #rubeus pic.twitter.com/p8KPR89myf
— ap (@decoder_it) October 20, 2024
I discussed this with @0x64616e not long ago. For anyone wanting more details, these docs explain why it doesn't work - it's a cred guard feature and applies to other Windows versions. https://t.co/IQlnL5Kbue
— ATTL4S (@DaniLJ94) October 20, 2024
TOOL RELEASE DAY?
— Dan McInerney (@DanHMcInerney) October 19, 2024
TOOL RELEASE DAY!https://t.co/IK35vtqzPE
World's first AI-found 0days! @byt3bl33d3r and I wrote Vulnhuntr, a Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.
In case you weren't at #nohat2024 but still wanna nerd over RPC, authentication and what's in between, we summarized everything to a blogpost as well. Slides and PoC are on our Github as well.https://t.co/Flu2HlvVth
— Stiv Kupchik (@kupsul) October 19, 2024
👾 Game Hacking: A Comprehensive Guide on Game Hacking
— Muqsit 𝕏 (@mqst_) October 19, 2024
Part 0: https://t.co/xK4MAo1qwU
Part 1: https://t.co/upl5n5zQp5
Part 2: https://t.co/sri4iuQkTE
Part 3: https://t.co/UKsoGXIkaq
Part 4: https://t.co/jszNkTVgHH
Part 5: https://t.co/i6I8G2sASZ#infosec #gamehacking pic.twitter.com/gMDaVPbSgP
Looks like DEF CON talks are up on YouTube! If you want to see a fun talk on crawling online markets for the spicy silicon, check mine out here: https://t.co/ilGBDHgNRZ
— mandatory@infosec.exchange (@IAmMandatory) October 20, 2024
4 exploits 1 bug
4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways | hyprblog
a post going over 4 exploits for CVE-2024-20017, a remotely exploitable buffer overflow in a component of the MediaTek MT7622 SDK.
Ghosts - automated user actions, like an npc
Give this a look, it’s called GHOSTS, it allows you to simulate/automate different types of user traffic/activities. Normally used cybersecurity testing, it might work for what you need.https://t.co/547OnOlHQa https://t.co/qZQXMkyyIu
— John Breth (JB) | CyberInsight® on YouTube (@JBizzle703) October 19, 2024
GitHub - cmu-sei/GHOSTS: GHOSTS is a realistic user simulation framework for cyber experimentation, simulation, training, and exercise
GHOSTS is a realistic user simulation framework for cyber experimentation, simulation, training, and exercise - cmu-sei/GHOSTS
A must watch by @Blaklis_ covering some funky bug bounty exploits with all the juicy details. https://t.co/xw2XBwO9Uo
— Shlomie Liberow (@Shlibness) October 19, 2024
https://www.theregister.com/2024/10/19/california_drone_drug_deal/
Do you have alerts in your Splunk / SIEM that hit when you receive less than the minimum messages per second? Apparently not. No one does that. https://t.co/hroVW0kPxj
— Marius (wishi) (@windsheep_) October 20, 2024