Last Week in Security (LWiS) - 2023-06-15
A month's worth of news, techniques, tools and exploits!
From DA to EA (@_wald0), CS OPSEC (@joehowwolf), CS BOFs in BRC4 (@NVISOsecurity), Avast LPE (@Denis_Skvortcov), LOLBINs in AV (@nas_bench), and more!
Windows DHCPv6 RCE (@thezdi), hashcat rule process (@JakeWnuk@infosec.exchange), 🐍 FSB implant (@NSACyber), x64dbg XFG plugin (@m417z), Freeze.rs (@Tyl0us), and more!
ML packer classification (@accidentalrebel), DLL unlinking (@christophetd@infosec.exchange), Apache Superset and Papercut RCEs (@Horizon3Attack), SushiSwap hack (@Dooflin5), macOS LPE (@patch1t), macros in 2023 (@ptrpieter), nanodump update (@s4ntiago_p), and more!
PDF RCE (@sigabrt9), more PersistAssist (@FortyNorthSec), 5x SMM vulns (@uffeux), PRTG XSS 0day (@SkylightCyber), and more!
Windows installer LPE (@a_denkiewicz), unhooking without direct syscalls (@Kharosx0), dynamic linking injection (@praetorianlabs), suspending AV (@freefirex2), dir2json (@bitsadmin), DPAPISnoop (@lefterispan), and more!
RCE any Samsung phone (@itswillis), Parallels escape (@the_impalabs), AD trust issues (@exploitph), glitching past all ESP32 defenses (@raelizecom), PPL defeated again (@itm4n), and more!
Cobalt Strike 4.8 (@gregdarwin), Timeroasting, Mythic 3.0 (@its_a_feature_), LastPass breach saga continues, CosmosDB XSS to account takeover (@Creastery), 😈 chrome extension (@mattfriz), and more!
FortiNAC RCE, NimPlant (@chvancooten), LPE via GPO (@decoder_it), bypassing Okta MFA (@n00py1), injection with NtQueueApcThreadEx (@LloydLabs), DKOM attacks on ETW providers (@FuzzySec), PCIe on Windows (@4lpine), and more!
Phishing in 2023 (@0xcsandker), SaltStack A-Salt (Alex Hill - @SkylightCyber), LocalPotato (@decoder_it + @elad_shamir), install4j XXE (@frycos), LPE in Avast (@Denis_Skvortcov), learning Semgrep (@jrozner), and more!