[Exploitation]
⦿ An incorrect calculation bug in the Linux kernel eBPF verifier - Lucas Leong
⦿ Chrome 1-Day Hunting - Uncovering and Exploiting CVE-2020-15999
https://starlabs.sg/blog/2021/01/chrome-1-day-hunting-uncovering-and-exploiting-cve-2020-15999
⦿ CVE-2020-5144 – SonicWall Global VPN New Elevation of Privileges Vulnerability - Chen Erlich
⦿ CVE-2020-9971 Abusing XPC Service mechanism to elevate privilege in macOS/iOS
https://xlab.tencent.com/en/2021/01/11/cve-2020-9971-abusing-xpc-service-to-elevate-privilege
⦿ Escaping VirtualBox 6.1: Part 1 - Sauercl0ud, a2nkf, localo
https://secret.club/2021/01/14/vbox-escape.html
⦿ Exploiting CVE-2014-3153 (Towelroot)
https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
⦿ Hunting for Bugs in Windows Mini-Filter Drivers - James Forshaw
https://googleprojectzero.blogspot.com/2021/01/hunting-for-bugs-in-windows-mini-filter.html
⦿ Process Herpaderping – Windows Defender Evasion - Pentest Laboratories Ltd
https://pentestlaboratories.com/2021/01/18/process-herpaderping-windows-defender-evasion/
⦿ The State of State Machines - Natalie Silvanovich
https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html
[Web]
⦿ CVE-2021-2109 Weblogic Remote Code Execution involving HTTP protocol and JNDI injection gadget
https://mp.weixin.qq.com/s/wX9TMXl1KVWwB_k6EZOklw
⦿ Exploiting Error Based SQL Injections & Bypassing Restrictions
⦿ Finding 0day to hack Apple - @rootxharsh & @iamnoooob
https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
[Network]
⦿ DNSpooq - Kaminsky attack is back!
https://www.jsof-tech.com/disclosures/dnspooq/
⦿ Cache poisoning in popular open source packages - Adam Goldschmidt
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
[Malware]
⦿ A Deep Dive into Lokibot Infection Chain
https://blog.talosintelligence.com/2021/01/a-deep-dive-into-lokibot-infection-chain.html
⦿ Building a Custom Malware Analysis Lab Environment - MARCO FIGUEROA
https://labs.sentinelone.com/building-a-custom-malware-analysis-lab-environment/
⦿ From A to X analyzing some real cases which used recent Emotet samples
⦿ Linux.Midrashim: Assembly x64 ELF virus - @guitmz
https://www.guitmz.com/linux-midrashim-elf-virus/
⦿ Raindrop: New Malware Discovered in SolarWinds Investigation
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-raindrop-malware
⦿ Sunburst backdoor – code overlaps with Kazuar - Kaspersky
https://securelist.com/sunburst-backdoor-kazuar/99981
[Misc]
⦿ How to use Ghidra to Reverse Engineer Mobile Application - K O M A L
⦿ Machine Learning for Security
https://security.kiwi/docs/introduction/
⦿ macOS Post-Exploitation Shenanigans with VSCode Extensions
https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions
⦿ Wireshark Tutorial: Examining Emotet Infection Traffic - Brad Duncan
https://unit42.paloaltonetworks.com/wireshark-tutorial-emotet-infection/
⦿ Zero Days, Thousands of Nights
https://www.rand.org/pubs/research_reports/RR1751.html
[Tools]
⦿ Snort 3 officially released
https://blog.snort.org/2021/01/snort-3-officially-released.html
⦿ LIEF 0.11 released
https://lief.quarkslab.com/doc/stable/changelog.html#v0.11.0
⦿ Svetovid : Post-exploitation scripts and binaries
https://github.com/redcode-labs/Svetovid
⦿ virii : Collection of ancient computer virus source codes
https://github.com/guitmz/virii
⦿ lazyweb : Vulnerable Web Application for test
https://github.com/RamadhanAmizudin/lazyweb