Last Week in Security (LWiS) - 2023-12-04

O365 Phishing infra (@pfiatde), EvilSlackbot (@infosec_drewze), Sonos jailbreak (@alexjplaskett), DNS attacks (@timolongin), DNS rebinding attack (@_danielthatcher), and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2023-11-27 to 2023-12-04.

News

  • About the security content of iOS 17.1.2 and iPadOS 17.1.2. Two WebKit vulnerabilities may have been exploited in the wild. Not to be outdone, Chrome patched their sixth 0day this year. Browsers are where the data is and the most frequent way users execute untrusted code, so that's where the high-value exploitation is as well.

Techniques and Write-ups

Tools and Exploits

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

  • windiff - Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
  • PySQLRecon - Offensive MSSQL toolkit written in Python, based off SQLRecon.
  • Kerberos.NET - A Kerberos implementation built entirely in managed code.
  • Scudo is a C++ class that encrypts and dynamically executes functions. This open-source repository offers a concise solution for securing and executing encrypted functions in your codebase.

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing. This post is cross-posted on SIXGEN's blog.