Last Week in Security (LWiS) - 2022-12-05
ChatGPT (@OpenAI), Huawei hypervisor research (@lyte__ + @NeatMonster_), Tailscale DNS rebinding attacks (@JJJollyjim), Using CodeQL to find RCE (@frycos), PPLcontrol (@itm4n), and more!
AWS AppSync exploit (@Frichette_n), F5 unauth RCE, Meta's new VCS, Chrome exploitation (@jack_halon), Kerberoasting customization (@Ben0xA), macOS sandbox escape (@_r3ggi), and more!
ROADtools Token eXchange (@_dirkjan), Certified pre-owned followup (@harmj0y + @tifkin_), AAD Privileged Access (@0xcsandker), FindEmptySystem (@christruncer), TelemetrySource (@jsecurity101), and more!
I'm a day late - sorry!
🎃 Spooky (forthcoming) OpenSSL 3 critical vuln, RC4 fun (@tiraniddo), Autodial DLL techniques (@TheXC3LL), token leak abuse via webshell (@_Kudaes_), Open-Obfuscator (@rh0main), more exchange pwnage from 🍊 (@orange_8361), and more!
Untangling Azure Permissions (@0xcsandker), V8 and JS internals of Chrome (@jack_halon), MS Office Online Server RCE chain (@IndiShell1046), ManageEngine Decryptor (@W9HAX), SharedMemUtils (@x86matthew), and more!
Cobalt Strike RCE (@0x09AL + @FuzzySec), Docker Compose for red teams (@BuckinghamEzra), portable malware (@CaptMeelo), free root servers (@hackerschoice), LastPass tricks (@rbmaslen), practical attacks against NTLMv1 (@n00py1), and more!
Intel Alder Lake src leak (@vxunderground), PHP payloads in PNGs (@ROLANDQuentin2), Zimbra RCE via email, macOS Gatekeeper bypass (@JamfSoftware), ShadowSpray (@dec0ne), and more!
Kerberos downgrade attack (@tiraniddo), Havoc C2 (@C5pider), ASNmap (@pdiscoveryio), static vs behavioral detection (@ShitSecure), Freeze payload toolkit (@Tyl0us), multiple tools from @D1rkMtr, cheap Yubikeys, PlayStation 5 jailbreak, and more!
AttachMe Oracle Cloud vuln (@eladgabay_), JuicyPotatoNG service to SYSTEM privesc (@decoder_it + @splinter_code), personal phishing (@Direct_Defense), AD CS pwnage (@theluemmel), Kerberos FAST protection (@4ndr3w6S), service exploitation via pipes (@x86matthew), and more!