I’ve been spending some time building new content for our Introduction to Red Teaming course, which has been great for diving into AV/EDR bypass techniques again. In this blog post, I will...
In my previous blog post I dug into a general overview of the KASAN implementation in XNU. This post goes more in depth in detecting kernel uninitialized information leaks using it (no 0days...
Siemens industrial solutions are affected by SegmentSmack and FragmentSmack vulnerabilities, which could lead to device denial of service
In new ransomware attacks, victims face the choice between paying the ransom and seeing their sensitive data published by the attackers
If exploited, the vulnerabilities could lead to arbitrary code execution, file manipulations, denial of service and the creation of an admin account
Authored by: Sang Ryol Ryu and Chanung Pak McAfee Mobile Research team has found another variant of MalBus on an... The post MalBus Actor Changed Market from Google Play to ONE Store appeared...
In order to learn about serverless architecture, I experimented with implementing a quick proof of concept crash triaging tool using AWS Lambda Functions. There are many benefits of serverless...
On 2020-04-08, a campaign was reported, involving an unknown actor, gaining initial access via , targeting Kubernetes to achieve Resource hijacking.
While not a new practice, the sheer volume of people required to adhere to social distancing best practices means we... The post Transitioning to a Mass Remote Workforce – We Must Verify Before...
Although the use of global events as a vehicle to drive digital crime is hardly surprising, the current outbreak of... The post COVID-19 Threat Update – now includes Blood for Sale appeared first...
In the past month, 10 more hospitals have fallen victim to Ryuk attacks in the US
Recently Apple patched a vulnerability (CVE-2020-3919) in IOHIDFamily in their security update 10.15.4 which may allow a malicious application to execute arbitrary code with kernel privileges. It...
Introduction Recently, I encountered a fully password-less environment. Every employee in this company had their own smart card that they used to login into their computers, emails, internal...
We found just three almost unique samples, all in one country. So we consider the attacks to be targeted and have currently named this operation WildPressure.
LibVNC client code contains heap buffer overflow vulnerability in commit prior to 6073771eed1caf72f196e410182471e0dfd32149. This could possible result into remote code execution. This attack...
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of...
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code...
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability...
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception,...
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing...
A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server version 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1...
Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1 was affected to XML External Entity (XXE) due to vulnerable third-party component usage (Apache Flex BlazeDS).
Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1 was affected to Remote Code Execution due to vulnerable third-party component usage (Apache Flex BlazeDS).
Intro In this blog post I want to show a simulation of a real-world Resource Based Constrained Delegation attack scenario that could be used to escalate privileges on an Active Directory domain. I...
Intro Last Christmas I was doing quite a bit of research around an exploit for Chrome’s JavaScript engine, V8. While most of the concepts around the exploit might seem familiar: for example, what...
Do you know what your attackers know? There’s a good chance you know, but you might not be aware of just how much information can be found historically and in […] The post Webcast: Enterprise...
This article will show some initial research into booting a KSAN kernel, testing the KASAN functionality and some initial groundwork on KSANCOV. This functionality is super useful when performing...
Beijing, 23-27 December 2019: Kaspersky ICS CERT together with the China Industrial Control Systems Cyber Emergency Response Team (CIC) conducted a training course on digital forensics and...
Abstract Several targeted attack groups share the tools used in the attack and are reported to be doing similar attacks. Attack tools are also shared in attacks targeting Japanese organizations,...
A summary of the NCSC’s security analysis for the UK telecoms sector