Showing only posts tagged Exploits. Show all posts.
Last Week in Security (LWiS) - 2022-05-02
GitHub OAuth token hack, security.txt RFC (@EdOverflow), channel binding bypass for LDAP (@lowercase_drm), #ExtraReplica (@sagitz_, @shirtamari, @nirohfeld, @ronenshh), Windows kernel driver fun (@_xpn_), prefetch on Apple Silicon (@jose_vicarte and team), and more!
Last Week in Security (LWiS) - 2022-04-25
Acrobat extension issues (@WPalant), ECDSA signature in Java vuln (@neilmaddog), GPO LPE (@decoder_it), SSN resolution from process structs (@modexpblog), AWS container escape (@yuvalavra), and more!
Last Week in Security (LWiS) - 2022-04-18
.NET execution with docx (@danonit), AV evasion masterclass (@_vivami), Phisher's errors (@Marco_Ramilli), global injection and hooking (@m417z), custom transport protocols in Burp(@pentagridsec), advanced fuzzing (@kasifdekel), coercing NTLM authentication from SCCM (@_Mayyhem), xss iframe traps (@hoodoer), patchless AMSI bypass (@_EthicalChaos_), and more!
Last Week in Security (LWiS) - 2022-04-11
Full Edge exploit (@33y0re), dynamic P/Invoke (@bohops), Veeam exploits (@SinSinology), macOS LPE (@patch1t), AV debugger (@PlowSec), SMB over QUIC (@_xpn_), and more!
Last Week in Security (LWiS) - 2022-04-04
Shared section abuse (@BillDemirkapi), ISOs and office MOTW (@DidierStevens), better fuzzing harnesses (@h0mbre_), PoshC2 Linux ELF loader (@jdsnape), "Event pipes" for IPC (@x86matthew), Linux LPE (@pqlqpql), .soap webshells (@0xbad53c), and more!
Last Week in Security (LWiS) - 2022-03-28
RCE on a NAS (@alexjplaskett, @saidelike, and @FidgetingBits), Double Fetch vulns (@N1ckDunn), Razer LPE (@matthiasdeeg), DFIR cloud automation (@ZawadiDone), Ubuntu LPE (@ETenal7), and more!
Last Week in Security (LWiS) - 2022-03-21
Browser in the Browser (@mrd0x), OSINT Map (@MalfratsInd), Rust packer (@verixvogel), local Kerberos to bypass UAC (@tiraniddo), crash to read/write in Chakra (@33y0re), AtlasC2 (@Gr1mmie), detecting Shadow Credentials (@cfalta ), and more!
Last Week in Security (LWiS) - 2022-03-14
Embedded reversing (@zi0Black), SQL injection despite prepared statements (@Dooflin5), AutoWarp Azure token leak (@Yanir_), Viscosity DPAPI defeat (@checkymander), password tricks without mimikatz (@n00py1), Chakra exploitation (@33y0re), rethinking phishing assessments (@matterpreter), and more!
Last Week in Security (LWiS) - 2022-02-28
Stealing GitHub secrets (@not_an_aardvark), TeamsImplant (@allevon412), Nimcrypt2 (@icyguider), VMware RCEs (@elk0kc), LdapSignCheck (@cube0x0), yaradbg.dev (@DissectMalware), and more!
« newer articles | page 11 | older articles »