2023-11-05 | Hacker Trends

11/04

11/05

11/06

10 Posts

start remote registry as unprivileged user in reg.py by dadevel · Pull Request #1638 · fortra/impacket · GitHub

https://github.com/fortra/impacket/pull/1638

start remote registry as unprivileged user in reg.py by dadevel · Pull Request #1638 · fortra/impacket · GitHub

7 Posts

[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) | STAR Labs

https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/

[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) | STAR Labs

6 Posts

https://www.localpotato.com/localpotato_html/LocalPotato.html

https://www.localpotato.com/localpotato_html/LocalPotato.html

4 Posts

GitHub - daem0nc0re/PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.

https://github.com/daem0nc0re/PrivFu#s4udelegator

GitHub - daem0nc0re/PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.

4 Posts

Socks5Systemz proxy service infects 10,000 systems worldwide

https://www.bleepingcomputer.com/news/security/socks5systemz-proxy-service-infects-10-000-systems-worldwide/

Socks5Systemz proxy service infects 10,000 systems worldwide

4 Posts

cURL and libcurl CVEs Unwrapped: Debunking the Hype

https://hadrian.io/blog/curl-and-libcurl-cves-unwrapped-debunking-the-hype

cURL and libcurl CVEs Unwrapped: Debunking the Hype

4 Posts

From Akamai to F5 to NTLM... with love.

https://blog.malicious.group/from-akamai-to-f5-to-ntlm/

From Akamai to F5 to NTLM... with love.

4 Posts

GitHub - archercreat/titan: Titan is a VMProtect devirtualizer

https://github.com/archercreat/titan

GitHub - archercreat/titan: Titan is a VMProtect devirtualizer

4 Posts

Use Wasm to Bypass Latest Chrome v8sbx Again | by Numen Cyber Labs | Nov, 2023 | Medium

https://medium.com/@numencyberlabs/use-wasm-to-bypass-latest-chrome-v8sbx-again-639c4c05b157

Use Wasm to Bypass Latest Chrome v8sbx Again | by Numen Cyber Labs | Nov, 2023 | Medium

4 Posts

r-tec Blog | .NET Assembly Obfuscation for Memory Scanner Evasion - r-tec Cyber Security

https://buff.ly/3ZI5wL0

r-tec Blog | .NET Assembly Obfuscation for Memory Scanner Evasion - r-tec Cyber Security

4 Posts

slides/POC2023 at main · bink3R/slides · GitHub

https://github.com/bink3R/slides/tree/main/POC2023

slides/POC2023 at main · bink3R/slides · GitHub

3 Posts

An Introduction into Stack Spoofing

https://dtsec.us/2023-09-15-StackSpoofin/

An Introduction into Stack Spoofing

3 Posts

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop - SecurityWeek

https://www.securityweek.com/okta-hack-blamed-on-employee-using-personal-google-account-on-company-laptop/

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop - SecurityWeek

3 Posts

Apple 'Find My' network can be abused to steal keylogged passwords

https://www.bleepingcomputer.com/news/apple/apple-find-my-network-can-be-abused-to-steal-keylogged-passwords/

Apple 'Find My' network can be abused to steal keylogged passwords

3 Posts

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

3 Posts

Linux Hardening Guide | Madaidan's Insecurities

https://madaidans-insecurities.github.io/guides/linux-hardening.html

Linux Hardening Guide | Madaidan's Insecurities