2022-11-23 | Hacker Trends

11/22

11/23

11/24

12 Posts

From Zero to Hero Part 1: Bypassing Intel DCM’s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942) – RCE Security

https://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-by-spoofing-kerberos-and-ldap-responses-cve-2022-33942

From Zero to Hero Part 1: Bypassing Intel DCM’s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942) – RCE Security

10 Posts

misc/etw-amsi-llex-patch.c at main · rad9800/misc · GitHub

https://github.com/rad9800/misc/blob/main/etw-amsi-llex-patch.c

misc/etw-amsi-llex-patch.c at main · rad9800/misc · GitHub

9 Posts

x86 PAC · pietroborrello/CustomProcessingUnit@936a684 · GitHub

https://github.com/pietroborrello/CustomProcessingUnit/commit/936a68492ce17bea1dd6a86fdb81a1bb06661d84

x86 PAC · pietroborrello/CustomProcessingUnit@936a684 · GitHub

8 Posts

An End to KASLR Bypasses? – Winsider Seminars & Solutions Inc.

https://windows-internals.com/an-end-to-kaslr-bypasses/

An End to KASLR Bypasses? – Winsider Seminars & Solutions Inc.

7 Posts

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

https://thehackernews.com/2022/11/nighthawk-likely-to-become-hackers-new.html

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

7 Posts

Triage | Behavioral Report

https://tria.ge/221123-qam45sge31/behavioral2

Triage | Behavioral Report

7 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/fc037c0351d03aa393f42fffbaf97b4f1442cd0d8c5980a0f47f3d9d22d8a6a5/

MalwareBazaar | Browse Checking your browser

7 Posts

Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US

https://www.proofpoint.com/us/blog/threat-insight/nighthawk-and-coming-pentest-tool-likely-gain-threat-actor-notice

Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US

https://www.bleepingcomputer.com/news/security/russian-cybergangs-stole-over-50-million-passwords-this-year/

6 Posts

Accidental $70k Google Pixel Lock Screen Bypass - bugs.xdavidhu.me

https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/

Accidental $70k Google Pixel Lock Screen Bypass - bugs.xdavidhu.me

6 Posts

Richard Johnson on Twitter: "5 exploitable vulns in Androids Mali GPU driver leading to LPE and mitigation bypasses. Most phones with Mali GPU including Pixel, Samsung, etc still vuln .. nice way to get full system access for further vulndev." / Twitter

https://twitter.com/i/web/status/1595223582753554438

Richard Johnson on Twitter: "5 exploitable vulns in Androids Mali GPU driver leading to LPE and mitigation bypasses. Most phones with Mali GPU including Pixel, Samsung, etc still vuln .. nice way to get full system access for further vulndev." / Twitter

6 Posts

The Windows Subsystem for Linux in the Microsoft Store is now generally available on Windows 10 and 11 - Windows Command Line

https://devblogs.microsoft.com/commandline/the-windows-subsystem-for-linux-in-the-microsoft-store-is-now-generally-available-on-windows-10-and-11/

The Windows Subsystem for Linux in the Microsoft Store is now generally available on Windows 10 and 11 - Windows Command Line

6 Posts

Nighthawk: With Great Power Comes Great Responsibility - MDSec

https://www.mdsec.co.uk/2022/11/nighthawk-with-great-power-comes-great-responsibility/

Nighthawk: With Great Power Comes Great Responsibility - MDSec