securityXspace: a blog about cyber-philosophy.

  • SQLite Vulnerabilities Demoed With Hacking of iPhone, Malware C&C

    Researchers have uncovered some potentially serious SQLite vulnerabilities and they have demonstrated their findings by hacking an iPhone and a command and control (C&C) server used by malware. Source: SQLite Vulnerabilities Demoed With Hacking of iPhone, Malware C&C

  • FireEye: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction

    The final post in FireEye’s three-part series on Windows 10 memory forensics. This last part looks at how to automate the extraction of undocumented structures from deep within memory using the tools introduced in the earlier parts. Check out the FireEye presentations at BlackHat and DefCon. Source: Finding Evil in Windows 10 Compressed Memory, Part…

  • FireEye: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

    Read the second part of this series from FireEye looking into memory forensics in Windows 10. This ties in with their presentation at this year’s BlackHat USA 2019 in Las Vegas. Source: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

  • VBScript is dead! Long live VBScript.

    Sophos reports that Microsoft are making good on their promise to kill off everyone’s favourite scripting language, VBScript. On August 2nd Microsoft pushed the ‘off-button’ on Windows 8 / 8.1 devices. You can still use it if you are that perverted, but you need to do some serious GPO fiddling. Check out their report.

  • HTTP Desync attacks

    New research on the PortSwigger team blog accompanies their demonstrations at DEFCON and BlackHat. This detailed paper introduces their new method of attack, with clear examples and impacts, and gives a very concise description of mitigation options. Check out the detail here.

  • Superhedgy’s AttackSurfaceMapper

    AttackSurfaceMapper is an OSINT reconnaissance tool for use in the initial stages of a penetration test. I suppose it could also be used by internal teams to monitor an organisation’s digital footprint and attack surface for changes over time. This version requires Python 3 and has just been released on GitHub.

  • Scapy – A packet manipulation tool

    The latest version of Scapy, a Python-based PCAP packet manipulation tool, was released on Aug 07. Scapy enables scanning, fingerprinting, sniffing and packet forging. Scapy requires Python and runs on pretty much any platform that supports Python. The documentation is rich and detailed and covers all the major features. Check out the installation page…

  • Cisco Patches Critical Flaws in Network Switches

    Cisco this week released patches to address several vulnerabilities in its Small Business 220 Series Smart Switches, including two bugs rated Critical severity. Source: Cisco Patches Critical Flaws in Network Switches

  • Severe local 0-Day escalation exploit found in Steam Client Services

    Gamers beware! Ars Technica: A security flaw in Steam’s client service allows easy execution of arbitrary code as LOCALSYSTEM. Earlier today, disgruntled security researcher Vasily Kravets released a zero-day vulnerability in the Windows version of the ubiquitous gaming service Steam. Source: Severe local 0-Day escalation exploit found in Steam Client Services

  • Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V

    The Hacker News: Remember the Reverse RDP Attack? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft’s Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely. (You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws…