Security Operations

578 readers

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
MODERATORS
L3s

Data-bouncing - New Exfil and C2 Technique::Data-Bouncing - The art of indirect exfiltration.


Supercharging Red-Teaming with Infrastructure as Code Integration::WolfPack (GitHub - RoseSecurity-Research/WolfPack) combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.

Detecting and annoying Burp users::Personal blog of Julien (jvoisin) Voisin (submitted 1 year ago by L4s to c/secops)


Cisco IOS XE exploit caught by honeypot::🚨 #Cisco #IOSXE #CVE-2023-20198 #CVE-2023-20273

Patience is a virtue 🙂

We can confirm: New activity from IP 192.3.101[.]111 today. Our HPs 🍯 show exploit attempts on clean appl. + Implant usage e.g. "show ver" for recon.

Happy to share PCAPs, TLP:💛 ➡️ DM. cc @ET_Labs


Three new NGINX ingress controller vulnerabilities were just reported and how they affect Kubernetes::CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by an attacker to steal secret credentials from the cluster. Read all about it!


A new ransomware uses virtual machine to dodge security::Ragnar Locker remains out of reach of the security software.


Cure53 | Pentest-Report Tor Browser & OONI 02.-03.2023


CVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling::Our team identified a request smuggling vulnerability that led to complete compromise of an F5 system with the TMUI exposed.


Threat Hunting: Detecting Browser Credential Stealing [T1555.003]::Adversaries can steal credentials, cookies and other private data from browsers using various techniques. We cover how you can simulate Credential Stealing From Browsers and detect it with your security tools. Sigma Rules Inside.


Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting::Cisco IOS XE CVE-2023-20198 technical deep-dive, WebUI internals, patch diffing, and exploit theory crafting.

Svchost triage (newtonpaul.com)::Svchost.exe and internet sharing service analysis. The triage of a host making DNS beacons to known C2s of an infostealer. (submitted 1 year ago by L4s to c/secops)


CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files::A recently disclosed CVE for the Orthanc DICOM server can be used to obtain Remote Code Execution. As a PoC was not available, we wrote one.


Blog Post: How to build your first hardware hacking lab::VSS Hardware Hacking Wiki and Blog Entries


Microsoft Account's OAuth tokens leaking via open redirect in Harvest App::Reported an OAuth token leak via open redirect in Harvest.


Protobuf Magic: Burp Extension for Deserializing Protobuf Without .proto Files::Contribute to DeiteriyLab/protobuf-magic development by creating an account on GitHub.


Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability::Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the JetBrains TeamCity CVE-2023-42793 remote-code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft assesses that this activity poses a particularly high risk to organizations that are affected.


The single-packet attack: making remote race-conditions 'local'::The single-packet attack is a new technique for triggering web race conditions. It works by completing multiple HTTP/2 requests with a single TCP packet, which effectively eliminates network jitter an


Synology Replaces Weak PRNG in its NAS Devices, Shuts Down Account Takeover


Widespread Cisco IOS XE Implants in the Wild::VulnCheck scanned the internet for implanted Cisco IOS XE systems and found thousands of results.


BLE Spam now allows sending unwanted notifications to iOS, Android and Windows at once using Flipper Zero or Android::So far, it was possible to spam only iOS devices through proximity pairing messages, either using Flipper Zero, an Arduino board or any Android device, as explained in my previous blog here. However, the developers of Xtreme firmware for Flipper Zero recently pushed an update of the BLE Spam application that, besides spamming iPhones, can also spam Android and


Hacking ServiceNow Instances While Unauthenticated For Fun and Profit


“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts


GitHub - sterrasec/dummy::Generator of static files for testing file upload. It can generate a PNG file of any number of bytes!


cloudgrep now supports GCP and Azure - Open source tool for searching in cloud storage::cloudgrep is grep for cloud storage. Contribute to cado-security/cloudgrep development by creating an account on GitHub.


An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit::By Ian Beer. (Figure: a graph representation of the sandbox escape NSExpression payload.) In April this year Google's Threat Analysis Group, in ...
