RME-DisCo @ UNIZAR [www.reversea.me] @reverseame Channel on Telegram

Telegram channel of RME, part of the DisCo Research Group of the University of Zaragoza (Spain) focused on cybersecurity aspects. "It’s not that I have something to hide. I have nothing I want you to see"

Link to the channel: https://t.me/reverseame

Promotional Article for RME-DisCo @ UNIZAR [www.reversea.me] (English)

Are you interested in cybersecurity and want to stay updated on the latest research and developments in the field? Look no further than the Telegram channel "RME-DisCo @ UNIZAR [www.reversea.me]"! This channel is part of the DisCo Research Group at the University of Zaragoza in Spain and is dedicated to all things cybersecurity.

Who is it? The channel is run by the RME team, which is part of the DisCo Research Group at the University of Zaragoza. The team is made up of experts in cybersecurity who are passionate about sharing their knowledge and insights with others.

What is it? The channel focuses on cybersecurity aspects, providing valuable information, research updates, and tips to help you stay secure online. Whether you are a cybersecurity professional or someone who wants to learn more about the field, this channel is perfect for you.

Join the community of like-minded individuals who are passionate about cybersecurity. Follow the link to the channel and start receiving valuable updates today: https://t.me/reverseame

RME-DisCo @ UNIZAR [www.reversea.me]

21 Nov, 15:40


We have released a new tool, MANTILLA, a powerful tool for malware analysis and vulnerability detection of libraries in statically-linked (and stripped) Linux binaries. Read our latest blog post to learn more! (full paper here: https://doi.org/10.1016/j.future.2024.107602) https://reversea.me/index.php/identifying-runtime-libraries-in-statically-linked-binaries-with-mantilla/

RME-DisCo @ UNIZAR [www.reversea.me]

21 Nov, 11:57


Breaking Down Multipart Parsers: File upload validation bypass #multipartformdataparsers #fileupload #validationbypass #WAF #inputvalidation https://blog.sicuranext.com/breaking-down-multipart-parsers-validation-bypass/

RME-DisCo @ UNIZAR [www.reversea.me]

21 Nov, 07:37


Upcoming hardening in PHP #PHPHardening #PHPExploitation #RemoteExploitTechniques #HardeningMeasures #PHPUpdates https://dustri.org/b/upcoming-hardening-in-php.html

RME-DisCo @ UNIZAR [www.reversea.me]

20 Nov, 19:49


A deep dive into Linux’s new mseal syscall #mseal #Linux #ExploitMitigations #MemorySealing #syscall https://blog.trailofbits.com/2024/10/25/a-deep-dive-into-linuxs-new-mseal-syscall/

RME-DisCo @ UNIZAR [www.reversea.me]

20 Nov, 15:53


A New Era of macOS Sandbox Escapes: Diving into an Overlooked Attack Surface and Uncovering 10+ New Vulnerabilities #macOSSandboxEscapes #NewVulnerabilities #CVEList #ConferencePresentation #SecurityResearch https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/

RME-DisCo @ UNIZAR [www.reversea.me]

20 Nov, 11:32


Beyond RCE: Autonomous Code Execution in Agentic AI #AgenticAI #ACE #PromptInjection #PhishingAgenticSystems #TakingControl https://www.securityrunners.io/post/beyond-rce-autonomous-code-execution-in-agentic-ai

RME-DisCo @ UNIZAR [www.reversea.me]

20 Nov, 07:31


System prompt exposure: how AI image generators may leak sensitive instructions #AIImageGenerators #SystemPromptExposure #DiffusionModels #LLM #WebSecurityBlog https://www.invicti.com/blog/security-labs/system-prompt-exposure-how-ai-image-generators-may-leak-sensitive-instructions/

RME-DisCo @ UNIZAR [www.reversea.me]

19 Nov, 18:47


Everyday Ghidra: Ghidra Data Types— When to Create Custom GDTs — Part 1 #Ghidra #DataTypes #CustomGDTs #ReverseEngineering #WindowsSDK https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-when-to-create-custom-gdts-part-1-143fe45777eb

RME-DisCo @ UNIZAR [www.reversea.me]

19 Nov, 14:58


Microsoft Bookings – Facilitating Impersonation #MicrosoftBookings #SecurityRisk #Impersonation #CyberisLimited #DataProtection https://www.cyberis.com/article/microsoft-bookings-facilitating-impersonation

RME-DisCo @ UNIZAR [www.reversea.me]

19 Nov, 10:53


Tales of the Crimson Foes - Part 1 #CrimsonFoes #BreachingUnicorns #RedTeamTales #SecurityBlog #ForgottenScroll https://therealunicornsecurity.github.io/CrimsonFoes/

RME-DisCo @ UNIZAR [www.reversea.me]

19 Nov, 06:42


Bypass GuardDuty Pentest Findings for the AWS CLI #AWSCLI #GuardDuty #PenTest #BurpSuite #CloudSecurity https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/

RME-DisCo @ UNIZAR [www.reversea.me]

18 Nov, 18:51


Remote Code Execution: The Cybercriminal’s Golden Ticket #Cybersecurity #RCE #Vulnerability #Hacking #Awareness https://medium.com/ssd-secure-disclosure/remote-code-execution-the-cybercriminals-golden-ticket-44fe2d0a6353

RME-DisCo @ UNIZAR [www.reversea.me]

18 Nov, 14:34


Parrot Anafi Drone Reverse Engineering #ParrotAnafi #DroneReverseEngineering #HardwareHacking #PacketAnalysis #AttackCapabilities https://www.hardbreak.wiki/network-analysis/protocols/application-layer/proprietary-protocols/parrot-anafi-drone-reverse-engineering

RME-DisCo @ UNIZAR [www.reversea.me]

18 Nov, 11:30


CVE-2024-8956, CVE-2024-8957: How to Steal a 0-Day RCE (With a Little Help from an LLM) #GreyNoise #CVE #0Day #RCE #LLM https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/

RME-DisCo @ UNIZAR [www.reversea.me]

18 Nov, 06:57


One weird trick to get the whole planet to send abuse complaints to your best friend(s) #AbuseComplaints #SpoofedIP #InternetSecurity #Infosec #TCPReset https://delroth.net/posts/spoofed-mass-scan-abuse/

RME-DisCo @ UNIZAR [www.reversea.me]

14 Nov, 15:37


ToxicPanda: a new banking trojan from Asia hit Europe and LATAM #ToxicPanda #BankingTrojan #Asia #Europe #LATAM https://www.cleafy.com/cleafy-labs/toxicpanda-a-new-banking-trojan-from-asia-hit-europe-and-latam

RME-DisCo @ UNIZAR [www.reversea.me]

14 Nov, 11:51


The Sophos kernel implant, ‘hack-back’ implications, CIA malware in Venezuela (podcast) #SophosKernelImplant #HackBack #CIAinVenezuela #CyberEspionage #ThreatIntelligence https://securityconversations.com/episode/the-sophos-kernel-implant-hack-back-implications-cia-malware-in-venezuela/

RME-DisCo @ UNIZAR [www.reversea.me]

14 Nov, 06:34


HTTP Security Headers: A complete guide to HTTP headers #HTTPSecurityHeaders #CompleteGuide #WebSecurity #HTTPHeaders #RiskMitigation https://www.darkrelay.com/post/http-security-headers

RME-DisCo @ UNIZAR [www.reversea.me]

13 Nov, 19:43


32 vulnerabilities in IBM Security Verify Access #IBMSecurityVerifyAccess #Vulnerabilities #ITSecurityResearch #AuthenticationBypass #Recommendations https://pierrekim.github.io/blog/2024-11-01-ibm-security-verify-access-32-vulnerabilities.html

RME-DisCo @ UNIZAR [www.reversea.me]

13 Nov, 14:46


Autonomous Discovery of Critical Zero-Days #ZeroPathBlog #AI #VulnerabilityDetection #DeepProgramAnalysis #AutonomousDiscovery https://zeropath.com/blog/0day-discoveries

RME-DisCo @ UNIZAR [www.reversea.me]

13 Nov, 10:42


Understanding RedLine Stealer: The Trojan Targeting Your Data #RedLineStealer #Trojan #MalwareAnalysis #DataTheft #Cybersecurity https://malwr-analysis.com/2024/08/22/understanding-redline-stealer-the-trojan-targeting-your-data/

RME-DisCo @ UNIZAR [www.reversea.me]

13 Nov, 07:47


Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024 #ExploitSuccess #BlindExploitation #StackPointer #WritingToStack #RopChain https://www.synacktiv.com/publications/exploiting-a-blind-format-string-vulnerability-in-modern-binaries-a-case-study-from

RME-DisCo @ UNIZAR [www.reversea.me]

12 Nov, 19:58


Give Me the Green Light Part 2: Dirty Little Secrets #TrafficController #DirtyLittleSecrets #WebAppPentesting #SNMP #NTCIP https://www.redthreatsec.com/blog/give-me-the-green-light-part2-dirty-little-secrets

RME-DisCo @ UNIZAR [www.reversea.me]

12 Nov, 14:54


Can't trust any VPN these days #VPNtroubles #DNSleaks #VPNconfig #DNSLeakTest #i3integration https://blog.orhun.dev/cant-trust-any-vpn/

RME-DisCo @ UNIZAR [www.reversea.me]

12 Nov, 10:44


Cracking into a Just Eat / Takeaway.com terminal with an NFC card #JustEat #Takeaway.com #NFCcard #TerminalCracking #AndroidExploit https://blog.mgdproductions.com/justeat-takeaway-terminal/

RME-DisCo @ UNIZAR [www.reversea.me]

12 Nov, 06:44


Mastering Memory Exploitation: Fundamentals, Stack Overflows, Shellcode, Format String Bugs, and Heap Overflows #MemoryExploitation #Cybersecurity #Vulnerabilities #TechGuide #ExploitationTechniques https://medium.com/@verylazytech/mastering-memory-exploitation-fundamentals-stack-overflows-shellcode-format-string-bugs-and-353270ec8128

RME-DisCo @ UNIZAR [www.reversea.me]

11 Nov, 19:30


Anatomy of an LLM RCE #LLM #RCE #Security #CodeExecution #Vulnerability https://www.cyberark.com/resources/threat-research-blog/anatomy-of-an-llm-rce

RME-DisCo @ UNIZAR [www.reversea.me]

11 Nov, 14:51


Introducing zizmor: now you can have beautiful clean workflows #Rust #Security #GitHubActions #workflows #development https://blog.yossarian.net/2024/10/27/Now-you-can-have-beautiful-clean-workflows

RME-DisCo @ UNIZAR [www.reversea.me]

11 Nov, 10:52


Retrofitting encrypted firmware is a Bad Idea #FirmwareEncryption #PrinterHacking #WTM #Lexmark #SecurityPolicy https://haxx.in/posts/wtm-wtf/

RME-DisCo @ UNIZAR [www.reversea.me]

11 Nov, 07:37


CVE-2024-26926 Analysis #LinuxKernel #CVE202426926 #Analysis #GitHub #SecurityVulnerabilities https://github.com/MaherAzzouzi/LinuxKernel-nday/blob/main/CVE-2024-26926/CVE_2024_26926_Analysis.pdf

RME-DisCo @ UNIZAR [www.reversea.me]

10 Nov, 12:37


LLM Security: Playing with ChatGPT code execution capability (Part 1) #LLMSecurity #ChatGPT #CodeExecution #Python #Obfuscation https://mohitdabas.wordpress.com/2024/10/25/llm-security-playing-with-chatgpt-code-execution-capability-part-1/

RME-DisCo @ UNIZAR [www.reversea.me]

09 Nov, 12:37


Vulnerabilities of Realtek SD card reader driver, part 1 #RealtekVulnerabilities #SDCardReader #DMAVulnerability #KernelMemoryLeak #PCIConfigSpaceAccess https://zwclose.github.io/2024/10/14/rtsper1.html

RME-DisCo @ UNIZAR [www.reversea.me]

08 Nov, 18:56


Sysdig 2024 Global Threat Report #SysdigThreatReport #GartnerMarketGuide #Frost&SullivanAward #SysdigSage #CloudSecurityInsights https://sysdig.com/blog/sysdig-2024-global-threat-report/

RME-DisCo @ UNIZAR [www.reversea.me]

08 Nov, 14:36


The Crypto Game of Lazarus APT: Investors vs. Zero-days #LazarusAPT #CryptocurrencyTheft #MOBAgame #ZeroDayExploit #GoogleChromeVulnerability https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/

RME-DisCo @ UNIZAR [www.reversea.me]

08 Nov, 10:44


The Red Dragon Searches for Pearls Through Quantum Tunneling – But You’ve Got the Wrong Paper #RedDragon #QuantumTunneling #SymmetricCryptography #NIST #AES https://nattothoughts.substack.com/p/chinas-quantum-tunneling-breakthrough

RME-DisCo @ UNIZAR [www.reversea.me]

08 Nov, 06:54


Using Nix to Fuzz Test a PDF Parser (Part One) #FuzzTesting #Nix #PDFParser #Honggfuzz #Workflow https://mtlynch.io/nix-fuzz-testing-1/

RME-DisCo @ UNIZAR [www.reversea.me]

07 Nov, 18:41


Authenticated Remote Code Execution in multiple Xerox printers #XeroxPrinters #RemoteCodeExecution #SECConsult #PatchingRequired #RootPrivileges https://sec-consult.com/vulnerability-lab/advisory/authenticated-remote-code-execution-in-multiple-xerox-printers/

RME-DisCo @ UNIZAR [www.reversea.me]

07 Nov, 15:51


Attacking APIs using JSON Injection #JSONInjection #APIHacking #SecurityEngineering #ExploitingAPIs #APIHackersInnerCircle https://danaepp.com/attacking-apis-using-json-injection

RME-DisCo @ UNIZAR [www.reversea.me]

07 Nov, 10:38


1-click Exploit in South Korea's biggest mobile chat app #KakaoTalkExploit #DeepLinkVulnerability #AccountTakeover #XSSAttack #BrowserInterception https://stulle123.github.io/posts/kakaotalk-account-takeover/

RME-DisCo @ UNIZAR [www.reversea.me]

07 Nov, 07:40


ONBUILD COPY . /var/www/pwned/ #ONBUILD #Dockerfile #securityrisk #ignoreimportantfiles #accidentaldataleaks https://bitplane.net/log/2024/10/from-me-to-you-to-everyone/

RME-DisCo @ UNIZAR [www.reversea.me]

06 Nov, 18:45


Call stack spoofing explained using APT41 malware #CallStackSpoofing #APT41Malware #CyberGeeks #MalwareAnalysis #EDRDetection https://cybergeeks.tech/call-stack-spoofing-explained-using-apt41-malware/

RME-DisCo @ UNIZAR [www.reversea.me]

06 Nov, 14:45


Spoofing Internal Packets for Multihomed Linux Devices #SpoofingInternalPackets #MultihomedLinuxDevices #ConntrackSpoofing #FirewallVulnerability #LinuxSecurity https://www.anvilsecure.com/blog/spoofing-internal-packets-for-multihomed-linux-devices.html

RME-DisCo @ UNIZAR [www.reversea.me]

06 Nov, 11:53


DTLS “ClientHello” Race Conditions in WebRTC Implementations #ConcurrencyErrors #RaceConditions #WebRTC https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf

RME-DisCo @ UNIZAR [www.reversea.me]

06 Nov, 07:36


search-vulns: web to search for known vulnerabilities in software #search_vulns #vulnerabilities #tech #license #privacy https://search-vulns.com/about

RME-DisCo @ UNIZAR [www.reversea.me]

05 Nov, 18:46


CloudGoat: New Scenario and Walkthrough (sns_secrets) #CloudGoat #CloudPenTesting #AWS #SNS_Secrets https://rhinosecuritylabs.com/research/cloudgoat-sns_secrets/

RME-DisCo @ UNIZAR [www.reversea.me]

05 Nov, 15:32


DLL Sideloading #DLLSideloading #CyberSecurity #IncidentResponse #Windows #DLLHijacking https://www.r-tec.net/r-tec-blog-dll-sideloading.html

RME-DisCo @ UNIZAR [www.reversea.me]

05 Nov, 11:53


Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 #FortinetCVE #SSLVPN #FormatStringVulnerability #FortiGateSecurity #2024ApplianceVulnerability https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/

RME-DisCo @ UNIZAR [www.reversea.me]

05 Nov, 06:47


Threat Hunting by using Log Analysis - The basics #ThreatHunting #LogAnalysis #ExploreAnomalies #StayProactive #FindHiddenThreats https://trunc.org/learning/threat-hunting-using-your-logs-part-I

RME-DisCo @ UNIZAR [www.reversea.me]

04 Nov, 23:03


Remember, remember the 5th of November, gunpowder, treason and plot; for there is a reason why gunpowder and treason should ne'er be forgot

RME-DisCo @ UNIZAR [www.reversea.me]

04 Nov, 19:50


Pwning a Brother labelmaker, for fun and interop! #BrotherLabelmaker #CUPSVulnerability #FileExfiltration #DeviceDisassembly #FirmwareExploit https://sdomi.pl/weblog/20-pwning-a-labelmaker/

RME-DisCo @ UNIZAR [www.reversea.me]

04 Nov, 15:32


CSPTPlayground: CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT). #CSPTPlayground #ClientSidePathTraversal #OpenSource #GitHub #Vulnerabilities https://github.com/doyensec/CSPTPlayground

RME-DisCo @ UNIZAR [www.reversea.me]

04 Nov, 10:38


Perfecting Ransomware on AWS — Using ‘keys to the kingdom’ to change the locks #AWSRansomware #KeyStore #AttackSimulation #Prevention #Cybersecurity https://medium.com/@harsh8v/redefining-ransomware-attacks-on-aws-using-aws-kms-xks-dea668633802

RME-DisCo @ UNIZAR [www.reversea.me]

04 Nov, 06:59


[Cracking Windows Kernel with HEVD] Chapter 4: How do we write a shellcode to elevate privileges and gracefully return to userland? #PrivilegeElevation #KernelExploit #WindowsSecurity #AssemblyProgramming #Shellcode https://mdanilor.github.io/posts/hevd-4/

RME-DisCo @ UNIZAR [www.reversea.me]

03 Nov, 12:37


[Cracking Windows Kernel with HEVD] Chapter 3: Can we rop our way into triggering our shellcode? #windowskernel #exploit #HEVD #ROPchain #privilegeescalation https://mdanilor.github.io/posts/hevd-3/

RME-DisCo @ UNIZAR [www.reversea.me]

02 Nov, 12:37


Measuring Detection Coverage #PurpleTeam #DetectionCoverage #ThreatLandscape #DetectionRules #DataSources https://ipurple.team/2024/10/10/measuring-detection-coverage/

RME-DisCo @ UNIZAR [www.reversea.me]

01 Nov, 19:45


[Cracking Windows Kernel with HEVD] Chapter 2: Is there a way to bypass kASLR, SMEP and KVA Shadow? #WindowsKernelExploit #HEVD #SMEP #KPTI #Bypass https://mdanilor.github.io/posts/hevd-2/

RME-DisCo @ UNIZAR [www.reversea.me]

01 Nov, 14:35


Can You Get Root With Only a Cigarette Lighter? #HardwareFaultInjection #ExploitWriting #EMFI #CPython #LinuxRootExploit https://www.da.vidbuchanan.co.uk/blog/dram-emfi.html#can-you-get-root-with-only-a-cigarette-lighter

RME-DisCo @ UNIZAR [www.reversea.me]

01 Nov, 10:45


[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash? #WindowsKernelExploit #HEVD #BufferOverflow #ElevationOfPrivileges #StackOverflow https://mdanilor.github.io/posts/hevd-1/

RME-DisCo @ UNIZAR [www.reversea.me]

01 Nov, 06:46


[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start? #WindowsKernelExploit #HEVD #Cracking #SMEP #KPTI https://mdanilor.github.io/posts/hevd-0/

RME-DisCo @ UNIZAR [www.reversea.me]

31 Oct, 19:36


Palo Alto Expedition: From N-Day to Full Compromise #PaloAltoExpedition #NodeZero #Cybersecurity #ThreatDetection #Vulnerabilities https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise

RME-DisCo @ UNIZAR [www.reversea.me]

31 Oct, 14:31


Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 3 #exploit #AMD #vulnerability #ROPchain #WinDbg https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-3/

RME-DisCo @ UNIZAR [www.reversea.me]

31 Oct, 11:38


NHI Index -- In-Depth industry mapping of Non-Human Identities #NHIIndex #NHISecurity #DigitalEcosystems #ITManagement #CloudSecurity https://www.non-human.id/

RME-DisCo @ UNIZAR [www.reversea.me]

31 Oct, 06:30


The PrintNightmare is not Over Yet #PrintNightmareContinues #WindowsSecurity #Pentesting #VulnerabilityResearch #SpoofingBypass https://itm4n.github.io/printnightmare-not-over/

RME-DisCo @ UNIZAR [www.reversea.me]

30 Oct, 18:36


Exploiting Visual Studio via dump files - CVE-2024-30052 #VisualStudio #CVE202430052 #ArbitraryCodeExecution #DumpFiles #ExploitReady https://ynwarcs.github.io/exploiting-vs-dump-files

RME-DisCo @ UNIZAR [www.reversea.me]

30 Oct, 14:32


Pwning LLaMA.cpp RPC Server #LLAMACpp #RPCServer #ExploitDev #CTF https://pwner.gg/2024/10/03/llama-cpp-cves/

RME-DisCo @ UNIZAR [www.reversea.me]

30 Oct, 11:45


HTTP Parameter Pollution in 2024 ! #HTTPParameterPollution #WebSecurity #Languages #Frameworks #2024 https://medium.com/@0xAwali/http-parameter-pollution-in-2024-32ec1b810f89

RME-DisCo @ UNIZAR [www.reversea.me]

30 Oct, 07:59


Zimbra - Remote Command Execution (CVE-2024-45519) #Zimbra #RemoteCommandExecution #CVE202445519 #Nuclei #BugBounty https://blog.projectdiscovery.io/zimbra-remote-code-execution/

RME-DisCo @ UNIZAR [www.reversea.me]

29 Oct, 18:52


Emulating Android native libraries using unidbg #Unidbg #AndroidNativeLibraries #Emulation #ReverseEngineering #Security https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html

RME-DisCo @ UNIZAR [www.reversea.me]

29 Oct, 15:41


Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 3) #ExploitingGlibc #PHP #ArbitraryRead #MemoryLeak #CodeExecution https://www.ambionics.io/blog/iconv-cve-2024-2961-p3

RME-DisCo @ UNIZAR [www.reversea.me]

29 Oct, 11:49


CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity #CVE-2024-6769 #ElevationOfPrivileges #ActivationCachePoisoning #DLLHijacking #ExploitationTips https://www.fortra.com/blog/cve-2024-6769-poisoning-activation-cache-elevate-medium-high-integrity

RME-DisCo @ UNIZAR [www.reversea.me]

26 Oct, 11:37


Introducing Decentralized Chat #DecentralizedChat #SecureFileSharing #PrivacyFirst #InnovativeTechnology #RevolutionizingCommunication https://positive-intentions.com/blog/introducing-decentralized-chat/

RME-DisCo @ UNIZAR [www.reversea.me]

25 Oct, 17:31


4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways #exploits #bug #cve202420017 #exploitmitigations #exploitdevelopment https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html

RME-DisCo @ UNIZAR [www.reversea.me]

25 Oct, 14:36


A Journey From sudo iptables To Local Privilege Escalation #PrivilegeEscalation #LinuxSecurity #SudoCommands #Iptables #GTFOBins https://www.shielder.com/blog/2024/09/a-journey-from-sudo-iptables-to-local-privilege-escalation/

RME-DisCo @ UNIZAR [www.reversea.me]

25 Oct, 10:33


Link-Write Attack: A sweet combination #TarArchiveBehavior #GolangFileCreation #ArbitraryWrites #Exploitation #RemediationAdvice https://blog.nody.cc/posts/link-write-attack/

RME-DisCo @ UNIZAR [www.reversea.me]

25 Oct, 06:56


Applying Security Engineering to Make Phishing Harder - A Case Study #SecurityEngineering #Phishing #CaseStudy #VulnerabilityAnalysis #HardeningRecommendations https://blog.doyensec.com/2024/09/19/phishing-case-study.html

RME-DisCo @ UNIZAR [www.reversea.me]

23 Oct, 14:47


Applying Security Engineering to Make Phishing Harder - A Case Study #SecurityEngineering #Phishing #CaseStudy #VulnerabilityAnalysis #HardeningRecommendations https://blog.doyensec.com/2024/09/19/phishing-case-study.html

RME-DisCo @ UNIZAR [www.reversea.me]

23 Oct, 10:58


Vulnerabilities in Open Source C2 Frameworks #OpenSourceC2Frameworks #Vulnerabilities #IncludeSecurity #C2FrameworkThreats #C2FrameworkVulnerabilities https://blog.includesecurity.com/2024/09/vulnerabilities-in-open-source-c2-frameworks/

RME-DisCo @ UNIZAR [www.reversea.me]

23 Oct, 05:41


Revisiting MiniFilter Abuse Technique to Blind EDR #MiniFilterAbuse #BlindEDR #MitigationDefeated #SecurityTraining #RegOrderImpact https://tierzerosecurity.co.nz/2024/09/18/blind-edr-revisited.html

RME-DisCo @ UNIZAR [www.reversea.me]

22 Oct, 18:52


Taking over Train infrastructure in Poland /Traction power substation and lighting systems #TrainInfrastructurePoland #TractionPowerSubstations #LightingSystems #ICSResearch #InfrastructureAttack https://medium.com/@bertinjoseb/taking-over-train-infrastructure-in-poland-traction-power-substation-and-lighting-systems-2948594f259d

RME-DisCo @ UNIZAR [www.reversea.me]

22 Oct, 14:48


SSD Advisory – LANCOM LCOS Heap Overflow https://ssd-disclosure.com/ssd-advisory-lancom-lcos-heap-overflow/

RME-DisCo @ UNIZAR [www.reversea.me]

22 Oct, 09:44


Linux debugging, profiling and tracing training https://bootlin.com/doc/training/debugging/debugging-slides.pdf

RME-DisCo @ UNIZAR [www.reversea.me]

22 Oct, 05:50


CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability #CVE-2024-8190 #IvantiCloudService #CISAKEV #CommandInjection #Horizon3AI https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/

RME-DisCo @ UNIZAR [www.reversea.me]

21 Oct, 18:37


Exploiting Microsoft Kernel Applocker Driver (CVE-2024-38041) #MicrosoftKernelCVE #CyberSecurityServices #PatchDiffing #ExploitationProcess #RootCauseAnalysis https://csa.limited/blog/20240916-Exploiting-Microsoft-Kernel-Applocker-Driver.html

RME-DisCo @ UNIZAR [www.reversea.me]

21 Oct, 13:45


Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE #Exploit #CVE-2024-8504 #SQLi #RCE #Vulnerabilities https://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/

RME-DisCo @ UNIZAR [www.reversea.me]

21 Oct, 09:38


Acquiring Malicious Browser Extension Samples on a Shoestring Budget #acquiringMaliciousExtensions #crypto #cryptanalysis #C2Domains #IOCs https://pberba.github.io/crypto/2024/09/14/malicious-browser-extension-genesis-market/

RME-DisCo @ UNIZAR [www.reversea.me]

21 Oct, 05:36


CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation #IvantiEndpointManager #CVE-2023-28324 #DeepDive #InputValidation #Horizon3ai https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-28324-deep-dive/

RME-DisCo @ UNIZAR [www.reversea.me]

20 Oct, 11:37


Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey #Microsoft #Windows #MSIInstaller #Repair #SECConsultVulnerability https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/

RME-DisCo @ UNIZAR [www.reversea.me]

19 Oct, 11:37


CVR: The Mines of Kakadûm https://bughunters.google.com/blog/6220757425586176/cvr-the-mines-of-kakad-m

RME-DisCo @ UNIZAR [www.reversea.me]

18 Oct, 10:10


We analyzed RTVE's geo-blocking implementation and found a vulnerability that allows unauthorized access to restricted content. Do you want to know more? Full story here: https://reversea.me/index.php/when-geolocation-based-media-streaming-blocking-goes-bad/ #WebAppSecurity #VulnAnalysis #RME #Research

RME-DisCo @ UNIZAR [www.reversea.me]

18 Oct, 05:40


Why Django’s [DEBUG=True] is a Goldmine for Hackers #DjangoDEBUGTrue #HackersGoldmine #SensitiveDataExposure #PreventExploitation #CybersecurityAwareness https://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d

RME-DisCo @ UNIZAR [www.reversea.me]

16 Oct, 18:39


A new TrickMo saga: from Banking Trojan to Victim's Data Leak #TrickMo #AndroidTrojan #DataLeak #Cybersecurity #ThreatActor https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak

RME-DisCo @ UNIZAR [www.reversea.me]

16 Oct, 14:39


We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI #RCE #AdminsOfMOBI #WHOISExploitation #InternetSecurity #GlobalSignBreach https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

RME-DisCo @ UNIZAR [www.reversea.me]

16 Oct, 09:41


Bytecode Reuse Attack (Part 4) #BytecodeReuse #Exploitation #Security #Android #Mitigations https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/

RME-DisCo @ UNIZAR [www.reversea.me]

16 Oct, 06:34


The Security Canary Maturity Model #SecurityCanaryMaturityModel #Tracebit #CanaryDeployment #MaturityLevels #SecurityPrograms https://tracebit.com/blog/the-security-canary-maturity-model

RME-DisCo @ UNIZAR [www.reversea.me]

15 Oct, 18:47


Feeld dating app – Your nudes and data were publicly available #FeeldDatingApp #DataBreach #CyberSecurityLondon #Vulnerabilities #PrivacyIssues https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/

RME-DisCo @ UNIZAR [www.reversea.me]

15 Oct, 13:47


Bytecode Injection (Part 3) #BytecodeInjection #Exploitation #Android #Java #CommandExecution https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/

RME-DisCo @ UNIZAR [www.reversea.me]

15 Oct, 09:40


Decrypting and Replaying VPN Cookies #VPNcookie #reverseengineering #HIPchecks #keyderivation #redteamdefense https://rotarydrone.medium.com/decrypting-and-replaying-vpn-cookies-4a1d8fc7773e

RME-DisCo @ UNIZAR [www.reversea.me]

15 Oct, 06:50


(not related to cybersecurity, but worth mentioning :)) Web port of the original Diablo game https://d07riv.github.io/diabloweb/

RME-DisCo @ UNIZAR [www.reversea.me]

14 Oct, 17:32


Critical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution #CriticalKibanaFlaws #ArbitraryCodeExecution #CVE202437288 #CVE202437285 #UpdateImmediately https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/

RME-DisCo @ UNIZAR [www.reversea.me]

14 Oct, 13:39


When Certificates Fail: A Story of Bypassed MFA in Remote Access #MFAFail #CertificateBypass #RemoteAccess #SecurityVulnerability #UserAuthentication https://edermi.github.io/post/2024/mfa_bypass_mtls/

RME-DisCo @ UNIZAR [www.reversea.me]

14 Oct, 10:59


Bypassing PatchGuard at runtime #PatchGuardBypass #Runtime #WinDbg #KDNET #HEXDEREF https://hexderef.com/patchguard-bypass

RME-DisCo @ UNIZAR [www.reversea.me]

14 Oct, 06:33


Companion scanner for mockingjay injection #MockingjayInjection #GhostsInTheShell #HandlewalkAlgorithm #DLLSearch #MemoryProtections https://brunopincho.github.io/dllMemoryScanner/

RME-DisCo @ UNIZAR [www.reversea.me]

13 Oct, 11:37


The (Anti-)EDR Compendium #AntiEDR #ShellcodeLoader #AVSignatureScanning #MemoryScanning #WindowsDefender https://blog.deeb.ch/posts/how-edr-works/

RME-DisCo @ UNIZAR [www.reversea.me]

12 Oct, 11:37


A journey through KiUserExceptionDispatcher #EmulationEnvironment #KiUserExceptionDispatcher #ExceptionHandling #WindowsInternals #MauricesBlog https://momo5502.com/posts/2024-09-07-a-journey-through-kiuserexceptiondispatcher/

RME-DisCo @ UNIZAR [www.reversea.me]

11 Oct, 17:35


Going Native - Malicious Native Applications #MaliciousNativeApplications #NtAPI #RemoteProcessInjection #EarlyBootAccess #WindowsDefenderPermissions https://www.protexity.com/post/going-native-malicious-native-applications