Last Week in Security (LWiS) - 2024-12-02
Windows LPE (@SecuriTeam_SSD), Nighthawk 0.3.3 (@MDSecLabs), Advanced Cobalt Strike Usage (@_RastaMouse), Webcam LED control (@andreyknvl), AI/ML attacks (@olivier_boschko), and more!
Windows LPE (@SecuriTeam_SSD), Nighthawk 0.3.3 (@MDSecLabs), Advanced Cobalt Strike Usage (@_RastaMouse), Webcam LED control (@andreyknvl), AI/ML attacks (@olivier_boschko), and more!
Sitecore Exploit (@assetnote + @plopz0r), CI/CD CTF (@MagisterQuis), new Mythic agent (@silentwarble), cmake based win32 shellcode template (@ilove2pwn_), and more!
Arc browser RCE (@RenwaX23), more Fortinet woes (@SinSinology), PowerHuntShares v2 (@_nullbind), make_token_cert (@freefirex2), BOFs without DFR (@netbiosX), and more!
🕵️📱 Mysterious iPhone reboots, Tor under attack, Citrix Unauth RCE (@SinSinology), GitHub Actions attack (@adnanthekhan), and more!
WAF bypasses (@MDSecLabs), sastsweep (@_chebuya), Early Cascade injection (@DaWouw), and more!
Delta Sues Crowdstrike (@CrowdStrike), Jenkins Post-Exploitation (@TrustedSec), PE embedded within a PNG (@MalDevAcademy), Prompt Injection to C2 (@wunderwuzzi23), and more!
VNC-Like over SCCM (@netero_1010), Use LLMs to find CVEs (@ProtectAICorp), New process 💉 technique (@OutflankNL), 💰 Big acquisition (@Sophos), and more!
FortiGate exploit (@watchtowrcyber), Azure admin approval bypass (@PedroGabaldon), dylib 💉 in Teams (@Coiffeur0x90), Ivanti Connect Secure vuln (@buffaloverflow), and more!
I-XRAY doxxing 🕶️ (@AnhPhuNguyen1 + @CaineArdayfio), TeamViewer LPE (@PedroGabaldon), C# source generators (@DragoQcc), ⏲️-based user enum (@nyxgeek), and more!
CUPS RCE (@evilsocket), driver vulns (@vinopaljiri), NamelessC2 release (@trickster012), liveness detection bypass (@CaptMeelo), Windows LPE (@ricnar456), and more!