NetSec - Infosec news & discussion


A community for technical news and discussion of information security and closely related topics. Related: /m/ReverseEngineering /m/Cybersecurity /m/infosec

founded 1 year ago
1
 
 

I recently spent some time exploring the potential capabilities that an evil IoT device might have within an AWS IoT Core environment. This culminated in the thoughts I've transcribed in this blog post, as well as a command-line tool to help with enumeration and data harvesting during security assessments of products that interact with AWS IoT Core.

2
 
 

This is a story consisting of several little building blocks and they occurred spread out in time and in different places. It is a story that shows with clarity how our current system with CVE Ids and lots of power given to NVD is a completely broken system.

3
 
 

Mallox ransomware activity has increased in 2023. Our assessment of this gang and their recent behavior includes attack types and recruitment efforts.

4
5
 
 

Nginx, a versatile web server pivotal to numerous internet infrastructures, has held a dominant market share since its inception in 2004, with widespread adoption across websites and Docker containers. This article delves into the intricacies of Nginx, focusing on the location and alias directives that are central to how Nginx

6
 
 

The 8Base ransomware group has remained relatively unknown despite the massive spike in activity in the summer of 2023. Learn more about their attack patterns.

7
 
 

Google researchers Jordy Zomer & Alexandra Sandulescu explain how they used CodeQL to discover Spectre-v1 gadgets in the Linux kernel.

8
 
 

"This is part 1 of a 2-part series on Android SELinux Internals where we will do a deep dive into the world of SELinux on Android and understand its inner workings, along with its functionalities and benefits. We'll discuss how SELinux provides security on Android devices and ways to bypass it."

9
 
 

Write-up by Secfault Security

10
11
 
 

In my opinion, this is far-and-away the best infosec audio/video content out there (and no, I'm not affiliated in any way).

https://dayzerosec.com/
https://twitch.tv/dayzerosec
https://youtube.com/c/dayzerosec
https://twitter.com/dayzerosec

12
 
 

"In this article, we will dive into the details of an open-redirect vulnerability discovered during the Pwn2Own 2022 event and how we exploited it on a Samsung S22 device. By breaking down the technical aspects and using code snippets, we aim to provide a comprehensive overview of this critical security flaw."

13
 
 

"This post dives into the Android permission system and how a solver was leveraged to find new vulnerabilities. With this approach, a privilege escalation was identified, which was fixed and assigned CVE-2023-20947 by Google."

14
 
 

Bushido Security | "This fuzzing introduction covers all the essentials one should know about the art of fuzzing. It explains major concepts and illustrates them with hands-on exercises the reader can follow."

15
16
 
 

Made by the creators of the DayZeroSec podcast