Last Week in Security (LWiS) - 2022-07-25
The end of PPLdump (@itm4n), beacon detection (@domchell), 30k Wordpress XXS+SQLi (@MrTuxracer), string encryption in c++ (@mcbroom_evan), create a DLL hijack (@x86matthew), and more!
Showing only posts tagged LWiS. Show all posts.
Last Week in Security (LWiS) - 2022-07-18
Oauth hijacks (@fransrosen), Macros are back, but also not (@serghei), AD magic (@_dirkjan), Altiris for lateral movement (@__invictus_), next level token stealing (@harmj0y), xss to cread stealing (@hoodoer), and more!
Last Week in Security (LWiS) - 2022-07-05
In the wild 0days (@maddiestone), new Win11 primitive (@yarden_shafir), Cloudflare ZeroTrust for C2 (@zux0x3a), macOS LPEs (@LinusHenze + @zhuowei + Jack Dates of @ret2systems), SCCM abuse (@subat0mik + @_Mayyhem), Diamond Tickets (@4ndr3w6S), and more!
Last Week in Security (LWiS) - 2022-06-27
Pre-auth RCE on Oracle Cloud (@peterjson + @testanull), Global Jacuzzi hack (@XeEaton), goodfaith scoping (@ryanelkins), Tailscale SSH (@MayaKaczorowski), WerFault lsass dumper (@asaf_gilboa + @s4ntiago_p), ADFSRelay (@praetorianlabs), modern C2 (@preemptdev), and more!
Last Week in Security (LWiS) - 2022-06-20
ASP .NET audit (@frycos), iOS ROP ⛓️ (@inversecos), EnumDisplayMonitors to run 🐚code (@Marco_Ramilli), pcap for problem solving (@DebugPrivilege), RPC vuln (@s1ckb017), 🎣 for persistence (@matterpreter), Azure attack paths (@ZephrFish), and more!
Last Week in Security (LWiS) - 2022-06-14
RE an iOS app (@inversecos), More Azure Managed Identity attacks (@_wald0), excellent hardware hacking (@matthiasdeeg), printer pwnage (@Nikaiw, @JRomainG, @_trou_), BloodHound false positive reduction (@simondotsh), Ghostwriter 3.0 (@cmaddalena), and more!
Last Week in Security (LWiS) - 2022-06-06
Confluence RCE, Open Redirect -> RCE (@ByQwert), U-Boot vulns (@NCCGroupInfosec), Azure Managed Identity attacks (@_wald0), Deep Learning password extraction (@harmj0y), LSASS cryptography (@SkelSec), and more!
Last Week in Security (LWiS) - 2022-05-31
Follina Word RCE (@_JohnHammond + @BillDemirkapi), PyPI CTX and PHPass compromise (@aydinnyunuss), Gargoyle w/ROP (@thefLinkk), Fuchsia OS kernel hacking (@a13xp0p0v), custom Cypher (@simondotsh), code audit process (@frycos), and more!
Last Week in Security (LWiS) - 2022-05-23
Nighthawk 0.2 (@MDSecLabs), Parallels VM escape write-up (@ret2systems), Rust supply chain attack (@juanandres_gs), DPAPI entropy capture (@merrillmatt011), HVCI "work-around" (@33y0re), S4U2* attacks (@theluemmel), and more!
Last Week in Security (LWiS) - 2022-05-16
page 1 | older articles »