NetSec - Infosec news & discussion
- seanpesce.blogspot.com AWS IoT Core: A Compromised Device Perspective
I recently spent some time exploring the potential capabilities that an evil IoT device might have within an AWS IoT Core environment. This culminated in the thoughts I've transcribed in this blog post, as well as a command-line tool to help with enumeration and data harvesting during security assessments of products that interact with AWS IoT Core.
-
CVE-2020-19909 is everything that is wrong with CVEs
> This is a story consisting of several little building blocks and they occurred spread out in time and in different places. It is a story that shows with clarity how our current system with CVE Ids and lots of power given to NVD is a completely broken system.
- unit42.paloaltonetworks.com Threat Group Assessment: Mallox Ransomware
Mallox ransomware activity has increased in 2023. Our assessment of this gang and their recent behavior includes attack types and recruitment efforts.
-
Critical AMI BMC Bug
Just wanted to share:
https://www.bleepingcomputer.com/news/security/critical-ami-megarac-bugs-can-let-hackers-brick-vulnerable-servers/
- labs.hakaioffsec.com Hunting for Nginx Alias Traversals in the wild
Nginx, a versatile web server pivotal to numerous internet infrastructures, has held a dominant market share since its inception in 2004, with widespread adoption across websites and Docker containers. This article delves into the intricacies of Nginx, focusing on the location and alias directives t...
-
8Base Ransomware: A Heavy Hitting Player
8Base ransomware group has remained relatively unknown despite the massive spike in activity in Summer of 2023. Learn more about their attack patterns.
-
Finding Gadgets for CPU Side-Channels with Static Analysis Tools
github.com security-research/pocs/cpus/spectre-gadgets/README.md at master · google/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - security-research/pocs/cpus/spectre-gad...
Google researchers Jordy Zomer & Alexandra Sandulescu explain how they used CodeQL to discover Spectre-v1 gadgets in the Linux kernel.
-
Android SELinux Internals
8ksec.io Android SELinux Internals Part I | 8kSec Blogs
This is part I of a 2 part series on Android SELinux Internals where we will do a deep dive into the world of SELinux on Android and understand its inner workings, along with its functionalities and benefits. We'll discuss how SELinux provides security on Android devices and ways to bypass it. This i...
"This is part 1 of a 2-part series on Android SELinux Internals where we will do a deep dive into the world of SELinux on Android and understand its inner workings, along with its functionalities and benefits. We'll discuss how SELinux provides security on Android devices and ways to bypass it."
-
LibreOffice Arbitrary File Write (CVE-2023-1883)
Write up by Secfault Security
-
CVE-2023-25136 OpenSSH Pre-Auth Double Free Writeup & DoS PoC
jfrog.com CVE-2023-25136 OpenSSH Pre-Auth Double Free Writeup & PoC
Understanding the OpenSSH CVE-2023-25136 high vulnerability. Read our analysis with Proof-of-Concept, learn what's vulnerable, and discover remediations.
-
Day Podcast (DayZeroSec) - a deeply technical podcast that covers infosec news, vulnerabilities/exploits, and per-episode "Spot the Vuln" challenges
In my opinion, this is far-and-away the best infosec audio/video content out there (and no, I'm not affiliated in any way).
https://dayzerosec.com/ https://twitch.tv/dayzerosec https://youtube.com/c/dayzerosec https://twitter.com/dayzerosec
-
One-click Open-redirect to own Samsung S22 at Pwn2Own 2022
starlabs.sg The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022
TLDR; We began our work on Samsung immediately after the release of the Pwn2Own Toronto 2022 target list. In this article, we will dive into the details of an open-redirect vulnerability discovered during the Pwn2Own 2022 event and how we exploited it on a Samsung S22 device. By breaking down the te...
"In this article, we will dive into the details of an open-redirect vulnerability discovered during the Pwn2Own 2022 event and how we exploited it on a Samsung S22 device. By breaking down the technical aspects and using code snippets, we aim to provide a comprehensive overview of this critical security flaw."
-
Discovering vulnerabilities in Android permissions using a solver approach
blog.thalium.re Leveraging Android Permissions: A Solver Approach
The Android permission management system has already suffered from several vulnerabilities in the past. Such weaknesses can grant dangerous permissions to a malevolent application, an example being CALL_LOG, which gives access to all incoming and outgoing calls. This post dives into the Android perm...
"This post dives into the Android permission system and how a solver was leveraged to find new vulnerabilities. With this approach, a privilege escalation was identified, which was fixed and assigned CVE-2023-20947 by Google."
-
An Introduction to the Art of Fuzzing
bushido-sec.com The art of Fuzzing: Introduction. - Bushido Security
This fuzzing introduction covers all the essentials one should know about the art of fuzzing. It explains major concepts and illustrates them with a hands-on exercise the reader can follow. In conclusion, some hints are given on how to hunt for bugs with fuzzing.
Bushido Security | "This fuzzing introduction covers all the essentials one should know about the art of fuzzing. It explains major concepts and illustrates them with hands-on exercises the reader can follow."
-
Exploiting null Dereferences in the Linux Kernel | Project Zero
googleprojectzero.blogspot.com Exploiting null-dereferences in the Linux kernel
Posted by Seth Jenkins, Project Zero. For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when...
-
0DayFans - an aggregator for vulnerabilities and other infosec news
Made by the creators of the DayZeroSec podcast